r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8467
Expires: Thu, 12 Jan 2023 00:36:50 GMT
Date: Wed, 11 Jan 2023 22:15:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eecebe0566883e33558e8e67beaccb29
acdd8fd09e2066ed5ecfbc3f11c4a2d61218ecc7
65e21170242bf41eb529fa422385dbe5af65a61e374e6dd5669e7e5f927948af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65E21170242BF41EB529FA422385DBE5AF65A61E374E6DD5669E7E5F927948AF"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2942
Expires: Wed, 11 Jan 2023 23:04:45 GMT
Date: Wed, 11 Jan 2023 22:15:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 11 Jan 2023 21:48:38 GMT
content-type: application/json
age: 1625
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 718fc486cd6a70fcacc1653759703fae
bf60ba7a37d2deef1b7000e91cc88da586bb75ca
398d02e16da466ffe87b64ac34b007615951cca14d43610b4acd58bc2a5fadff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "398D02E16DA466FFE87B64AC34B007615951CCA14D43610B4ACD58BC2A5FADFF"
Last-Modified: Tue, 10 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9103
Expires: Thu, 12 Jan 2023 00:47:26 GMT
Date: Wed, 11 Jan 2023 22:15:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: lh9744q3fibRh4ZfYzSFwAdTzGxEcS9AFGORffJptOb2aLSbTszDlq7HDDRmKQDrWtbbN3I8BI4=
x-amz-request-id: QDXE8K66VZCPMG7S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 11 Jan 2023 22:02:14 GMT
age: 809
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 22:15:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 11 Jan 2023 21:33:45 GMT
age: 2518
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce604e6f88a42844a4ec7d404879bdcf
d462a2a194a67d39d091ff49c4435fdfc39b3e5b
9e0222bcc67f019bb5c61657fc921fc42aa0cd7a75f6b1358d05231c53cc26e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3683
Cache-Control: max-age=129150
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 22:15:43 GMT
Etag: "63be7c2a-1d7"
Expires: Fri, 13 Jan 2023 10:08:13 GMT
Last-Modified: Wed, 11 Jan 2023 09:06:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
154.218.151.71200 OK 17 kB URL HTTP/1.1 12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 2a77e84dca6bea512a7ea5d84c234da0
4c169fac52a62e39b5eb876f6c8076492a30eb30
efd1ca26c59aec58eccf099cdd9dafe0e2895b0536b5ecacd001853d682341ae
Analyzer Verdict Alert fortinet Malware
GET /down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:43 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
44.235.159.98101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.235.159.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: b0gHotoOk+Ha3+SJj8VPQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hKKVpuykZuA3Zjyyn2AydCEN75M=
12803.url.tudown.com/js/orsxg5a.script
154.218.151.71200 OK 531 B URL HTTP/1.1 12803.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/teach.css
154.218.151.71200 OK 4.1 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/teach.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (499)
Hash 16ca38b11b525a142c6086c2c2802545
88ed9d1c7088344b24f18132ad025ed63623bb7e
c7d5eef240fb383c039b0141854336a78a07597b0bff022ae71514e913351d7a
GET /template/company/duote-xiazai/css/teach.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e70-503f"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
154.218.151.71200 OK 8.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 952b2841668e8303c2ee8bc817394790
1e7d159d8d75df0112f06eedab3ecd62b7075a52
51c463da96c71adce2a234968d1e46949fa82804f680861cb6562da84239e209
GET /template/company/duote-xiazai/css/soft.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6e-a090"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/news.css
154.218.151.71200 OK 1.5 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/news.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 4d5f155ee78bab18dd989f8fedda8ebc
d3e3353e7a3da786e2a1342ca13407fd432e3398
6754cc7b30008e41d53b0ebfb6b52a0c59712348880d235a77a07c3af02d9886
GET /template/company/duote-xiazai/css/news.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-16fd"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/message.css
154.218.151.71200 OK 1.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/message.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 90d699f8127fe2e7210c0f31f0b90bb0
245191b7026614b76c7234e8e82724d463d4adf1
50d4eaf1d089edb739f43068f78330d22700b47f9ea8acb14fa5606637aeaf23
GET /template/company/duote-xiazai/css/message.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-17a8"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
154.218.151.71200 OK 353 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 6fc35ccb15b461bc6b549a85ea398894
21581ad4fc3db4acc99bb2fb4ed2fde1dfa50049
8d88f6d1d76a2cf300e9378742dc29f48060c9747cfdeb6b05050cf25cc5ebfb
GET /template/company/duote-xiazai/css/scrollbar.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: text/css
Content-Length: 353
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Connection: keep-alive
ETag: "63676e6e-161"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
154.218.151.71200 OK 37 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d4e282e0e1e69d378568eac0d45bfd24
8b62528373788e473676aa025a72aae45ec17d01
b5bbdf5ae69bfc2b39919ac018f41b27efac22f98ab92848db65022eb03dfd12
GET /template/company/duote-xiazai/js/jquery.min.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-16f44"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
151.101.66.133200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 151.101.66.133:0
Hash 74895c3141914c74b04c4beb26c8c9fb
0c63fb866ddbf45774e579c71a264dfe98010fff
4630af01fd30ac77576cfe824b8030f02297dbf0a02cfadb6834c3d56e836638
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 15 Jan 2023 21:01:40 GMT
ETag: "0c63fb866ddbf45774e579c71a264dfe98010fff"
Last-Modified: Wed, 11 Jan 2023 21:01:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 11 Jan 2023 22:15:44 GMT
Age: 960
X-Served-By: cache-qpg1252-QPG, cache-bma1621-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 14, 1
X-Timer: S1673475345.509483,VS0,VE1
12803.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
154.218.151.71404 Not Found 146 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/company/duote-xiazai/css/scrollStyle.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12803.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
154.218.151.71200 OK 8.9 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (29165), with CRLF line terminators
Hash fd0bdc561b4f37fa8e4539d86c5fd0e4
663b932af8ef82dff4cfeb56351bd32853e54804
98161b22bc6e6613ecf1c230ff9664ba032c3abfe8d6a4079263f9daeb1829db
GET /template/company/duote-xiazai/css/jquery-ui.min.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-7d6e"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
bdcode.2345.com/source/g/common/by/ht_jy_qx.js
42.81.8.130200 OK 2.1 kB URL HTTP/1.1 bdcode.2345.com/source/g/common/by/ht_jy_qx.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5138), with no line terminators
Hash d04e6bcdb252da3a55e0088d6f7be687
d76d02d98641965f54d9fbe3797a188fe019447b
d6b206ece2fff8711c0408b392baae2e61993a74d11076409f055acb1b328595
Analyzer Verdict Alert fortinet Malware
GET /source/g/common/by/ht_jy_qx.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2143
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Wed, 11 Jan 2023 23:15:44 GMT
Last-Modified: Wed, 21 Dec 2022 05:54:50 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c0ce6ba4be3737e5-143
Server: yunjiasu
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash e6f1550edcaafcbf11ec816c8822d55b
71afa222e0e98064b8d8042df723058058d9b7a3
1b0c5aba0729edfafc1c826eb71d08089a84b88adbc15baaae7b022e6625bc21
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 11 Jan 2023 22:15:44 GMT
Last-Modified: Wed, 11 Jan 2023 07:12:34 GMT
ETag: "63be6162-1d7"
Expires: Fri, 13 Jan 2023 07:12:34 GMT
Cache-Control: max-age=118610
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673475344
Via: cache20.l2de2[188,189,200-0,M], cache20.l2de2[190,0], cache2.se1[212,211,200-0,M], cache2.se1[213,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 11 Jan 2023 22:15:44 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616734753443731168e
12803.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
154.218.151.71200 OK 799 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash ac93d373f5090fbc3e8a7152aab7170d
160c0bc3072bccced250979b7999ae060941eb06
e15e1cefcdcd40db68eecbd7a02af32a8a97e5749791b07b434f8454408c1570
GET /template/company/duote-xiazai/js/duotecommon_top.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-a0b"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
42.81.8.130200 OK 2.1 kB URL HTTP/1.1 bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5137), with no line terminators
Hash 215980a7a5537a93b8b21948ee363e2b
cdc83bf2823070667f7153a7f01d97650c4e40dd
b2561be64e159d5e8bc04db22c0a8aca1c1d70eca5d5776f59f5c10765edddf2
Analyzer Verdict Alert fortinet Malware
GET /common/xsoa-r/openjs/pu/ao.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2140
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Wed, 11 Jan 2023 23:15:44 GMT
Last-Modified: Wed, 21 Dec 2022 05:54:50 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c0ce6ba4443f37e0-143
Server: yunjiasu
12803.url.tudown.com/template/company/duote-xiazai/css/index.css
154.218.151.71200 OK 3.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/index.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash fbfd831dee308c5094076e0b4022a222
fa69c04bf3f0c911d2b1697717e05706362f0c57
ab5a9d33745256917eb22abecd3d8ed4790e612720f2a743206d00b85aa5ff4f
GET /template/company/duote-xiazai/css/index.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6c-42b3"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/global.css
154.218.151.71200 OK 7.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/global.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (710)
Hash b2502d4c36bc519e47bce519ffb3a295
d252dd5c34dbd231f5c120d8f45ded16e0aa3f4c
10bec4c97bde3cac4a43e4d86604e1ff2c54926ec350419e404435f0616d1a1a
GET /template/company/duote-xiazai/css/global.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:20:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6b-935f"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.207301 Moved Permanently 262 B URL HTTP/1.1 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.207:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 72fa0fca20c82853e6dbbc1f13c78100
4e9b01e3ad0b56c9409bb02e5700430792fecacd
4555de589ff9b307e20c708d6f112bc47bb377df29ff0a5914f8fb0932926887
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://www.2345.com/js/index/activity/20171111/widget.min.js
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Via: cache2.se1[,0]
Timing-Allow-Origin: *
EagleId: 2ff62c9616734753446871331e
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c88329ea42c15130f3b7163aea5229bd
e8983928c301e7031ede02457f16db1995aeeb2b
4a1e20f947b2deb338dcadd91f0fa9f977c6213b248f5d6a2fa6f54c334c2af5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 11 Jan 2023 22:10:29 GMT
last-modified: Tue, 10 Jan 2023 16:54:59 GMT
expires: Tue, 17 Jan 2023 16:54:58 GMT
etag: "e8983928c301e7031ede02457f16db1995aeeb2b"
cache-control: max-age=602887,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7880fb9358062c79-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673475029
via: cache2.l2de2[33,29,304-0,C], cache2.l2de2[30,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0], cache1.se1[3,0]
age: 315
x-cache: HIT TCP_MEM_HIT dirn:11:426789825
x-swift-savetime: Wed, 11 Jan 2023 22:10:29 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9516734753447505036e, 2ff62c9516734753447505036e
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c88329ea42c15130f3b7163aea5229bd
e8983928c301e7031ede02457f16db1995aeeb2b
4a1e20f947b2deb338dcadd91f0fa9f977c6213b248f5d6a2fa6f54c334c2af5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 11 Jan 2023 22:10:29 GMT
last-modified: Tue, 10 Jan 2023 16:54:59 GMT
expires: Tue, 17 Jan 2023 16:54:58 GMT
etag: "e8983928c301e7031ede02457f16db1995aeeb2b"
cache-control: max-age=602887,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7880fb9358062c79-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673475029
via: cache2.l2de2[33,33,304-0,M], cache12.l2de2[35,0], cache4.se1[0,0,200-0,H], cache4.se1[1,0], cache4.se1[4,0]
age: 315
x-cache: HIT TCP_MEM_HIT dirn:6:754741351
x-swift-savetime: Wed, 11 Jan 2023 22:10:29 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9816734753447576363e, 2ff62c9816734753447576363e
12803.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
154.218.151.71200 OK 741 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1844)
Hash 64d8d6bbbe2129e883c5af163b76600d
5c0f7df223f7f0ca25cc5c8247ae8b8f0cae4805
66f01728ee43d433d4fd4c0409354667cc543ae51cd362376d3f053da321369b
GET /template/company/duote-xiazai/js/super_slider.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-763"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be8a9ed61ab9a2563ea5b9752ba1c288
2ed84afd9206fbad8a212cd7ef18996daa6a8a8e
668275ed8ee9d970f77f9caccce0f74d0fece5b2543979d3f004e1c284797ca5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "668275ED8EE9D970F77F9CACCCE0F74D0FECE5B2543979D3F004E1C284797CA5"
Last-Modified: Wed, 11 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17210
Expires: Thu, 12 Jan 2023 03:02:34 GMT
Date: Wed, 11 Jan 2023 22:15:44 GMT
Connection: keep-alive
12803.url.tudown.com/template/company/duote-xiazai/js/index.js
154.218.151.71200 OK 2.3 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/index.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (8638)
Hash a1f3815ea981db7480ca3c4d5d54aac6
f3961cccb17dc2190e2a8c249d936d0b1185fd7e
7adb4d2ea2856125d829deeabfc70e92f87a5e50f84187ed8d570b810c807d6f
GET /template/company/duote-xiazai/js/index.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e97-223b"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
154.218.151.71200 OK 1.4 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 33db5499343abb12f6c7d980cfdf5af0
ca9f7d2be1dd0f229f709b2effd22d57413fc7d4
3ca1208b56597372cccafd9817375f08e7e85ab84b310cb882ff8a76bac1c388
GET /template/company/duote-xiazai/js/soft_comment.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-f1c"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
58.215.47.238200 OK 895 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash f8f676d38231dad63dfc1144b4739051
978c21f9675780eb755412efc1ddc8fe098c5d7f
2ab62b8459e616fbc36456facba7af14984e90a3a5522a317d46cdb6f133f871
GET /duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/x-javascript
content-length: 895
date: Sun, 16 Oct 2022 13:25:06 GMT
vary: Accept-Encoding
x-oss-request-id: 634C0632C8A4583336606BB4
x-oss-cdn-auth: success
last-modified: Thu, 10 Sep 2020 02:00:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13670043018340852857
x-oss-storage-class: Standard
x-oss-meta-mode: 33188
x-oss-meta-mtime: 1599017058
x-oss-expiration: expiry-date="Fri, 11 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: TH9G/2LTeyzHRW+PnrlmEQ==
x-oss-server-time: 24
ali-swift-global-savetime: 1665926706
via: cache18.l2cm9-5[0,0,304-0,H], cache50.l2cm9-5[2,0], vcache24.cn4730[0,0,200-0,H], vcache26.cn4730[1,0]
content-encoding: gzip
age: 7548638
x-cache: HIT TCP_MEM_HIT dirn:10:468495416
x-swift-savetime: Thu, 08 Dec 2022 06:33:28 GMT
x-swift-cachetime: 10997498
timing-allow-origin: *
eagleid: 3ad72f2e16734753447692781e
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
154.218.151.71200 OK 577 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d2fd0ff89c3e773f8cfb6e5e57ae2909
537114b9b969f30770ba619a17d217bb69efb759
9665a3c5c2aa7e032819815b24dccc0dd5fbfbbef8876d7d42dfe2751e06d8f7
GET /template/company/duote-xiazai/js/clickdown_stat_ajax.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-57a"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash e6f1550edcaafcbf11ec816c8822d55b
71afa222e0e98064b8d8042df723058058d9b7a3
1b0c5aba0729edfafc1c826eb71d08089a84b88adbc15baaae7b022e6625bc21
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 11 Jan 2023 22:15:44 GMT
Last-Modified: Wed, 11 Jan 2023 07:12:34 GMT
ETag: "63be6162-1d7"
Expires: Fri, 13 Jan 2023 07:12:34 GMT
Cache-Control: max-age=118610
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673475344
Via: cache21.l2de2[510,509,200-0,M], cache21.l2de2[511,0], cache5.se1[532,531,200-0,M], cache5.se1[533,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 11 Jan 2023 22:15:44 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916734753443873531e
img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
58.215.47.238200 OK 3.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash eb575dd556470ae55acfa8350f63f3ab
5ded8852598c3cb4ff9130d24b1b7b03c558d14e
0be355d4a20f70a41fef403a817d2d27a1c5122fa1b58ef04dc884fb9a12ed7a
GET /duoteimg/zhuanti/comment/images/6.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3468
date: Wed, 27 Jul 2022 14:28:04 GMT
x-oss-request-id: 62E14B74E3631F3036ACA162
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "EB575DD556470AE55ACFA8350F63F3AB"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17858666986198953545
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 61dd1VZHCuVaz6g1D2Pzqw==
x-oss-server-time: 79
ali-swift-global-savetime: 1658932084
via: cache38.l2cn2656[0,0,200-0,H], cache32.l2cn2656[1,0], vcache6.cn4730[0,0,200-0,H], vcache26.cn4730[3,0]
age: 14543260
x-cache: HIT TCP_MEM_HIT dirn:11:337917189
x-swift-savetime: Sat, 30 Jul 2022 00:39:32 GMT
x-swift-cachetime: 15342512
timing-allow-origin: *
eagleid: 3ad72f2e16734753448082791e
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash e6f1550edcaafcbf11ec816c8822d55b
71afa222e0e98064b8d8042df723058058d9b7a3
1b0c5aba0729edfafc1c826eb71d08089a84b88adbc15baaae7b022e6625bc21
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 11 Jan 2023 22:15:44 GMT
Ali-Swift-Global-Savetime: 1673475344
Via: cache17.l2de2[254,253,200-0,M], cache17.l2de2[255,0], cache2.se1[375,375,200-0,M], cache2.se1[378,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 11 Jan 2023 22:15:44 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616734753445481268e
s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
150.138.98.224200 OK 20 B URL HTTP/2 s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
IP 150.138.98.224:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1277770517&web_id=1277770517 HTTP/1.1
Host: s5.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Wed, 11 Jan 2023 21:35:49 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Wed, 11 Jan 2023 21:35:49 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1673472949
via: cache80.l2cn3032[0,0,200-0,H], cache42.l2cn3032[0,0], ens-cache32.cn4461[0,0,200-0,H], ens-cache41.cn4461[1,0]
age: 2395
x-cache: HIT TCP_MEM_HIT dirn:11:37366412
x-swift-savetime: Wed, 11 Jan 2023 21:35:57 GMT
x-swift-cachetime: 3592
timing-allow-origin: *
eagleid: 968a62bd16734753448164633e
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/duote-xiazai/js/new_global.js
154.218.151.71200 OK 592 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/new_global.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 232fd4a41f68cb95c02a365b6aca84e9
4d17747184f32abc1b922759c510bdbab4eccedd
0d50c1f4db8f330ef99775e40dadb29b531eb33314540560567b1f2623d4885e
GET /template/company/duote-xiazai/js/new_global.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9d-685"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/images/stars.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/stars.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/stars.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/global.css
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:35 GMT
Connection: keep-alive
ETag: "63676e8f-199"
Accept-Ranges: bytes
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash e6f1550edcaafcbf11ec816c8822d55b
71afa222e0e98064b8d8042df723058058d9b7a3
1b0c5aba0729edfafc1c826eb71d08089a84b88adbc15baaae7b022e6625bc21
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 11 Jan 2023 22:15:44 GMT
Last-Modified: Wed, 11 Jan 2023 07:12:34 GMT
ETag: "63be6162-1d7"
Expires: Fri, 13 Jan 2023 07:12:34 GMT
Cache-Control: max-age=118610
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673475345
Via: cache21.l2de2[509,508,200-0,M], cache21.l2de2[510,0], cache1.se1[532,532,200-0,M], cache1.se1[534,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 11 Jan 2023 22:15:45 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516734753445304894e
12803.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
154.218.151.71200 OK 63 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with no line terminators
Hash 827609f4f6b6dbef37e7bbb2c6cb8535
09929f83133df43c4ec28623065e3af7647a1f11
f7f82084b7a593e189a56487ea3179a61e6d8c93ec6ffdfada18e8c5e8863375
GET /template/company/duote-xiazai/js/keyword_new.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: application/javascript
Content-Length: 63
Last-Modified: Sun, 06 Nov 2022 08:21:47 GMT
Connection: keep-alive
ETag: "63676e9b-3f"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
union2.50bang.org/js/duoteall
180.101.190.124200 OK 370 B URL HTTP/1.1 union2.50bang.org/js/duoteall
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
File type ASCII text, with very long lines (370), with no line terminators
Hash 8f63967fabfa57536f320eddf798163e
f4d0bb790e8aed5e49faafcfacf3f08c4f8c222a
0494f667b2a71a3247ee941bcabb093e265577f14a8742a58ecd07d0025f5800
GET /js/duoteall HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Length: 370
img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
58.215.47.238200 OK 2.6 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 74dc1aa4f1e4f7219da7ad597c91b8e7
bfda85aaa1fd81b79b792ee83cd448cd2cde5005
733f3dc6aa38aaad278d72cbef942326c77b0f872727e5971cc8fb9b3b683efe
GET /duoteimg/zhuanti/comment/images/12.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2575
date: Sat, 10 Dec 2022 02:48:42 GMT
x-oss-request-id: 6393F38A28E01236303D13AE
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "74DC1AA4F1E4F7219DA7AD597C91B8E7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17001896356624891276
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: dNwapPHk9yGdp61ZfJG45w==
x-oss-server-time: 48
ali-swift-global-savetime: 1670640522
via: cache34.l2cn3037[0,0,304-0,H], cache45.l2cn3037[1,0], vcache24.cn4730[0,0,200-0,H], vcache26.cn4730[2,0]
age: 2834822
x-cache: HIT TCP_MEM_HIT dirn:9:252203552
x-swift-savetime: Sat, 10 Dec 2022 03:12:06 GMT
x-swift-cachetime: 15550596
timing-allow-origin: *
eagleid: 3ad72f2e16734753448092795e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
58.215.47.238200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 9429cb260cbf87e528d14cf6baaf2b5b
eb067540c3b93c515efbc46b5a1cb4c7bcb16ff7
4cce9443159a3c082fbf59610efbf5ef9b92d5422bce4bbe8ef43d1bcc8d0475
GET /duoteimg/zhuanti/comment/images/4.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1706
date: Tue, 18 Oct 2022 08:31:25 GMT
x-oss-request-id: 634E645DC8A4583832C601BC
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "9429CB260CBF87E528D14CF6BAAF2B5B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 875222251737355829
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: lCnLJgy/h+Uo0Uz2uq8rWw==
x-oss-server-time: 142
ali-swift-global-savetime: 1666081885
via: cache78.l2cn3037[0,0,304-0,H], cache42.l2cn3037[1,0], vcache2.cn4730[0,0,200-0,H], vcache26.cn4730[2,0]
age: 7393459
x-cache: HIT TCP_MEM_HIT dirn:10:294695129
x-swift-savetime: Fri, 09 Dec 2022 18:24:49 GMT
x-swift-cachetime: 11023596
timing-allow-origin: *
eagleid: 3ad72f2e16734753448092793e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
58.215.47.238200 OK 3.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 2ea694cf637a163c094f4e88ae235ec7
8c80f708bc2b9ade2838743d1ec2f779662054e4
8824766f185db8f093dabd01f47636740f26f1a0340b8ed170e4268f36488a44
GET /duoteimg/zhuanti/comment/images/3.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3011
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E14461A70130303428621A
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "2EA694CF637A163C094F4E88AE235EC7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8455495457239003797
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: LqaUz2N6FjwJT06IriNexw==
x-oss-server-time: 40
ali-swift-global-savetime: 1658930273
via: cache74.l2cn3037[0,0,304-0,H], cache18.l2cn3037[1,0], vcache13.cn4730[0,0,200-0,H], vcache26.cn4730[3,0]
age: 14545071
x-cache: HIT TCP_MEM_HIT dirn:11:386742728
x-swift-savetime: Tue, 27 Dec 2022 07:37:50 GMT
x-swift-cachetime: 2355603
timing-allow-origin: *
eagleid: 3ad72f2e16734753448092792e
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
154.218.151.71200 OK 738 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1755)
Hash 941e223b206b2f389ba88e5c62146e05
1ea47333441413a3afd2fbc6e335810513cd3b5f
c0034343dbd842fc5ba9dfae6be7145ec000eb017fc0ca9a7fd6e245811df660
GET /template/company/duote-xiazai/js/scrollbar.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9e-707"
Expires: Thu, 12 Jan 2023 10:15:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/soft-down.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:32 GMT
Connection: keep-alive
ETag: "63676e8c-199"
Accept-Ranges: bytes
img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
58.215.47.238200 OK 2.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash a7bff4f63a973a68e2d98ee780d9e29e
4c87d92faf82347bb122c2ad0e74e166aec5c567
18e82892f579e1f63d003f7e8404754b775542d72ea2d677f61d8ed3c7dfd21c
GET /duoteimg/zhuanti/comment/images/5.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2768
date: Sat, 23 Jul 2022 15:55:00 GMT
x-oss-request-id: 62DC19D4BA82AD393723CEE4
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "A7BFF4F63A973A68E2D98EE780D9E29E"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11302870927342222426
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: p7/09jqXOmji2Y7ngNning==
x-oss-server-time: 48
ali-swift-global-savetime: 1658591700
via: cache50.l2cn2656[0,0,200-0,H], cache9.l2cn2656[1,0], vcache2.cn4730[0,0,200-0,H], vcache26.cn4730[3,0]
age: 14883644
x-cache: HIT TCP_MEM_HIT dirn:11:84369409
x-swift-savetime: Sat, 30 Jul 2022 00:39:32 GMT
x-swift-cachetime: 15002128
timing-allow-origin: *
eagleid: 3ad72f2e16734753448092794e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
58.215.47.238200 OK 7.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 0dfec8a688ee97162d852f42a0fa2a23
a6bc13493b4f2471b72b9d9e8474a9889ad2f4cb
bfef5124ff15cc50ba2eb8e6c605541b642bb5c8c18a4c618ed248522f8d44e0
GET /duoteimg/zhuanti/comment/images/11.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 6979
date: Tue, 06 Dec 2022 22:52:39 GMT
x-oss-request-id: 638FC7B7AEF36B30351D8998
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "0DFEC8A688EE97162D852F42A0FA2A23"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5501157311881781066
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Df7IpojulxYthS9CoPoqIw==
x-oss-server-time: 112
ali-swift-global-savetime: 1670367159
via: cache80.l2cn3037[0,0,304-0,H], cache39.l2cn3037[1,0], vcache1.cn4730[0,0,200-0,H], vcache26.cn4730[2,0]
age: 3108185
x-cache: HIT TCP_MEM_HIT dirn:9:89807143
x-swift-savetime: Wed, 07 Dec 2022 00:24:32 GMT
x-swift-cachetime: 15546487
timing-allow-origin: *
eagleid: 3ad72f2e16734753448102796e
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/softfastdownbtn.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:33 GMT
Connection: keep-alive
ETag: "63676e8d-199"
Accept-Ranges: bytes
img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
58.215.47.238200 OK 1.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 56bd697fdac1de3dbe8d4dd53e309a9b
215d4fead2dbf7bf6aeea1136749675cc5034f9e
7acdc1e69fd8d2c578ccf122054b7dab5a58a59caa255cd5585d45956136f4a3
GET /duoteimg/zhuanti/comment/images/7.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1495
date: Wed, 27 Jul 2022 14:00:56 GMT
x-oss-request-id: 62E1451844A24C3331B8E6EA
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "56BD697FDAC1DE3DBE8D4DD53E309A9B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6398064933782332215
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Vr1pf9rB3j2+jU3VPjCamw==
x-oss-server-time: 53
ali-swift-global-savetime: 1658930456
via: cache67.l2cn3037[0,0,304-0,H], cache74.l2cn3037[0,0], vcache2.cn4730[0,0,200-0,H], vcache26.cn4730[2,0]
age: 14544888
x-cache: HIT TCP_MEM_HIT dirn:9:208985151
x-swift-savetime: Tue, 11 Oct 2022 11:11:30 GMT
x-swift-cachetime: 8995766
timing-allow-origin: *
eagleid: 3ad72f2e16734753448102797e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
58.215.47.238200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 15c10a442a7bd8384cd17ed420cf21e9
477ba29d0b04ec0a2950d715b58abe2db4d68cdd
153b9c74c5a92e7ec480365537cd43c9973840f3b6c72dad3032f5aeb0a4d30e
GET /duoteimg/zhuanti/comment/images/8.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1788
date: Tue, 18 Oct 2022 05:04:16 GMT
x-oss-request-id: 634E33D0BA82AD3033A4E1BB
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "15C10A442A7BD8384CD17ED420CF21E9"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10105978504471775518
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: FcEKRCp72DhM0X7UIM8h6Q==
x-oss-server-time: 139
ali-swift-global-savetime: 1666069456
via: cache70.l2cn3037[0,15,304-0,H], cache22.l2cn3037[17,0], vcache18.cn4730[0,0,200-0,H], vcache26.cn4730[2,0]
age: 7405889
x-cache: HIT TCP_MEM_HIT dirn:10:227852342
x-swift-savetime: Tue, 18 Oct 2022 07:03:07 GMT
x-swift-cachetime: 15544869
timing-allow-origin: *
eagleid: 3ad72f2e16734753450332863e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
58.215.47.238200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 52c2ef213baaff54c731557b999a0bf7
804e7ac80e4255b27247350265bbc92ce8d075bb
6bc6cc4739fbf0b9257b84549097c06651f82bcb2edef386710f4bb88e5b1676
GET /duoteimg/zhuanti/comment/images/9.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1733
date: Thu, 28 Jul 2022 08:20:37 GMT
x-oss-request-id: 62E246D52D1F2939368970C9
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "52C2EF213BAAFF54C731557B999A0BF7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7207152638915174298
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: UsLvITuq/1THMVV7mZoL9w==
x-oss-server-time: 126
ali-swift-global-savetime: 1658996437
via: cache9.l2cn2656[0,0,200-0,H], cache44.l2cn2656[1,0], vcache13.cn4730[0,0,200-0,H], vcache26.cn4730[2,0]
age: 14478908
x-cache: HIT TCP_MEM_HIT dirn:9:101924731
x-swift-savetime: Sat, 30 Jul 2022 00:39:32 GMT
x-swift-cachetime: 15406865
timing-allow-origin: *
eagleid: 3ad72f2e16734753450332864e
X-Firefox-Spdy: h2
static.mediav.com/js/mvf_g2.js
101.198.192.7200 OK 9.0 kB URL HTTP/1.1 static.mediav.com/js/mvf_g2.js
IP 101.198.192.7:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (25539), with no line terminators
Hash 1baf9fc7116527b1a41307a6653030ca
f854953834e70e842d0d3fe6c8966ffb38e16744
d601207a5fa9a6b11008bc0a5a295c46ed62707d4a4b7b04a276eef33c3dcbd3
GET /js/mvf_g2.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:41 GMT
Vary: Accept-Encoding
Expires: Thu, 12 Jan 2023 03:15:45 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc01.hkht;HIT from w-sc04.bjyt
img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
58.215.47.238200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 26df8be954a888cd2b29429bcc7d91de
2fa6246adde0616962ed672907c5da94893ce35e
9c73781c61d66f4af9043f08da67a47653fe9662e0aabd4cfa133cfbe55eaa76
GET /duoteimg/zhuanti/comment/images/1.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1771
date: Wed, 27 Jul 2022 11:55:49 GMT
x-oss-request-id: 62E127C580647F3533AA2514
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "26DF8BE954A888CD2B29429BCC7D91DE"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7119512290700278717
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Jt+L6VSoiM0rKUKbzH2R3g==
x-oss-server-time: 68
ali-swift-global-savetime: 1658922949
via: cache50.l2cn3037[0,0,304-0,H], cache16.l2cn3037[1,0], vcache17.cn4730[0,0,200-0,H], vcache26.cn4730[2,0]
age: 14552396
x-cache: HIT TCP_MEM_HIT dirn:10:304661203
x-swift-savetime: Sun, 16 Oct 2022 13:37:23 GMT
x-swift-cachetime: 8547506
timing-allow-origin: *
eagleid: 3ad72f2e16734753450332866e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
58.215.47.238200 OK 2.1 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 8535863eee1ae5dfffa4f25a79cffa10
ae60588f804b611794c725429927f1a37c31a6e5
13fd5ae010e7d97dc637a2ec0537a28a8d74dac1f1480fa87279ae226e13e535
GET /duoteimg/zhuanti/comment/images/10.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2105
date: Fri, 29 Jul 2022 00:46:24 GMT
x-oss-request-id: 62E32DE04292EA3735ECADF1
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "8535863EEE1AE5DFFFA4F25A79CFFA10"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 720901678692586227
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: hTWGPu4a5d//pPJaec/6EA==
x-oss-server-time: 80
ali-swift-global-savetime: 1659055584
via: cache39.l2cn2656[0,0,200-0,H], cache11.l2cn2656[0,0], vcache18.cn4730[0,0,200-0,H], vcache26.cn4730[3,0]
age: 14419761
x-cache: HIT TCP_MEM_HIT dirn:9:430432254
x-swift-savetime: Sat, 30 Jul 2022 00:39:32 GMT
x-swift-cachetime: 15466012
timing-allow-origin: *
eagleid: 3ad72f2e16734753450332865e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/js/front_ad.js
58.215.47.238200 OK 0 B URL HTTP/2 img4.duote.com/duoteimg/js/front_ad.js
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /duoteimg/js/front_ad.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 0
date: Thu, 05 Jan 2023 10:13:50 GMT
x-oss-request-id: 63B6A2DE23022136314C7D7A
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D41D8CD98F00B204E9800998ECF8427E"
last-modified: Wed, 02 Sep 2020 01:55:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 0
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 03 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 1B2M2Y8AsgTpgAmY7PhCfg==
ali-swift-global-savetime: 1672913630
via: cache8.l2cn3037[0,0,200-0,H], cache80.l2cn3037[1,0], vcache17.cn4730[0,0,200-0,H], vcache26.cn4730[3,0]
age: 561715
x-cache: HIT TCP_MEM_HIT dirn:11:55170487
x-swift-savetime: Mon, 09 Jan 2023 05:29:00 GMT
x-swift-cachetime: 15223490
timing-allow-origin: *
eagleid: 3ad72f2e16734753450332868e
X-Firefox-Spdy: h2
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
222.186.17.195404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 222.186.17.195:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Wed, 11 Jan 2023 22:15:45 GMT
ali-swift-global-savetime: 1673475345
via: cache78.l2cn3037[21,21,404-1280,M], cache39.l2cn3037[22,0], cache39.l2cn3037[23,0], ens-vcache14.cn5274[72,71,404-1280,M], ens-vcache5.cn5274[73,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Wed, 11 Jan 2023 22:15:45 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: deba119816734753450245664e
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3140
Expires: Wed, 11 Jan 2023 23:08:05 GMT
Date: Wed, 11 Jan 2023 22:15:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3140
Expires: Wed, 11 Jan 2023 23:08:05 GMT
Date: Wed, 11 Jan 2023 22:15:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35ee3a36f2d56adfa27324f734f8f7fc
6ec36e85e464004c5e6255739e962e6dcc4c24c6
6cedd3770eb8879c837799d36ebca9d631789d972d3631d730829fc5d64abb25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8024
x-amzn-requestid: b331ee66-c166-4fa6-b950-287134d07fa2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ6EM0oAMFQFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-39ff669b44e3dd9339daa56b;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7zCIruOrf5jJueIqE6Z96QIjSPsQLEzcePndU89BTMpN9Uw6Arhc3w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 07:47:33 GMT
age: 52092
etag: "6ec36e85e464004c5e6255739e962e6dcc4c24c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 02vFLorTeOMyO8_Z-KNstD-o26WHWAqbIpg7eQsZSwxG3Q_FXXmapg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 10:50:26 GMT
age: 41119
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 68af9d9acdc08345ac38ae59f83a9a24
d3c0b7fa6ab4f421835acd595a75b5035d1ff9ee
1ae2e194f6bb20166d326002b39a4e3f44a9a97046e77ffd2a186eae384b7ce1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10640
x-amzn-requestid: 0b0b6732-7692-4b35-9625-154dc39386dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei745GEooAMFafA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9d2-314dad90600e9d8c737adf05;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZR6BWnywdcRk5KkmuuMtlIgFKqD_IHiv9jSum7TsjPo5US-gkn7Z-w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:43:48 GMT
age: 1917
etag: "d3c0b7fa6ab4f421835acd595a75b5035d1ff9ee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d03d252-a4d1-4207-aa34-25d15894724a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d03d252-a4d1-4207-aa34-25d15894724a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfdccf6a024cbd033eea815d49112057
0d987b906b2fd7e45d09169898e7cc14e0e62f64
739c6dadc197a3cf88c8fcdb8a6f35bc7bb98355b3804e0b2c71cd6a87f08900
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d03d252-a4d1-4207-aa34-25d15894724a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5434
x-amzn-requestid: a6d8944c-dae3-43f6-91bd-6dda6f9275b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei75NErNIAMFlsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9d4-44e8212239c649ba56cd3256;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: I82B8INrho2Hqp7RhskUXFuegvJ--XU1FPHqKA2KgdGnLYeCFHBZLw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:43:27 GMT
age: 1938
etag: "0d987b906b2fd7e45d09169898e7cc14e0e62f64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56de8a53fb494855ff7717eeb39c1fed
438999ac8d0853e235a2c0e0f404291961c891ab
357db338b2f6fcf434bdd9c2561f91d3fc7e5d42a92e5068402ce3eeb6fba412
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6400
x-amzn-requestid: f76c3961-a118-4639-a943-2ffbd3d28537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaD7hEEdoAMFs5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba4d16-3881379864dcae085aa4fd4d;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 04:56:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mYQfpwVDSCnen6utBvdBBOmlxS0gGhOqIg8YZ1D0Bt2Ii9O07L9G9A==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 07:56:16 GMT
age: 51569
etag: "438999ac8d0853e235a2c0e0f404291961c891ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a708649e0d6b128eb599b221445a8e06
59f9b06ee8e4c9608e29e7b19832fb925789f373
b4e17cfdee53b56ac33cb5a86253e4839ed7bd9bb1604209834bb22d881472f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7140
x-amzn-requestid: 96450c55-6068-4946-9e5f-650c19d2772a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei739GoJIAMF0lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-2bf965d47a10fd61619d945f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t5mK-tl3WskwkQLUXPKR2ljEW32-Yo6_BHwqP2dNVUr09WoMyxYeZw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:43:26 GMT
age: 1939
etag: "59f9b06ee8e4c9608e29e7b19832fb925789f373"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
58.215.47.238200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash daaa6d71e871eec644788b703b718bd8
8fadc0f0070931b2f807159e87b82bc2269b467a
6d31802a2485e9ff603aa0ec2528c96590e9d4c5ac8961ddf8a9c3fe3bb5c0b8
GET /duoteimg/zhuanti/comment/images/2.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1668
date: Wed, 27 Jul 2022 13:56:57 GMT
x-oss-request-id: 62E144290FAF3430362AB6AF
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "DAAA6D71E871EEC644788B703B718BD8"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17840225992830112301
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 2qptcehx7sZEeItwO3GL2A==
x-oss-server-time: 173
ali-swift-global-savetime: 1658930217
via: cache16.l2cn3037[0,0,200-0,H], cache52.l2cn3037[1,0], vcache20.cn4730[0,0,200-0,H], vcache26.cn4730[3,0]
age: 14545128
x-cache: HIT TCP_MEM_HIT dirn:10:206130041
x-swift-savetime: Sat, 10 Sep 2022 07:23:09 GMT
x-swift-cachetime: 11687628
timing-allow-origin: *
eagleid: 3ad72f2e16734753450332867e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
58.215.47.238200 OK 361 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type HTML document text\012- HTML document, ASCII text, with very long lines (361), with no line terminators
Hash d7877f2308efe72c7913b65816859daa
755606b601ae85ebcbf0dd47660fb028d1bf30d7
3af5e226f01cd0faf44433ba44517cc6b0fe9596de061a613c8d719227cc2c1a
GET /duoteimg/dtnew_recom_img/duoteself/softdown_1.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 361
date: Wed, 04 Jan 2023 11:04:14 GMT
x-oss-request-id: 63B55D2EC8A4583930BA3DD0
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D7877F2308EFE72C7913B65816859DAA"
last-modified: Wed, 04 Jan 2023 09:53:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13587884656729146177
x-oss-storage-class: Standard
x-oss-meta-mtime: 1672826010
x-oss-expiration: expiry-date="Thu, 05 Jan 2023 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVxiBgMCnu.bwqxgiIGMwYmRlOGE3NDQ3MjQxYmY4Y2NiYWYyOWExMzU2Zjdi
content-md5: 14d/Iwjv5yx5E7ZYFoWdqg==
x-oss-server-time: 9
ali-swift-global-savetime: 1672830254
via: cache7.l2cn2641[0,0,200-0,H], cache47.l2cn2641[2,0], vcache26.cn4730[0,0,200-0,H], vcache26.cn4730[1,0]
age: 645091
x-cache: HIT TCP_MEM_HIT dirn:11:122562008
x-swift-savetime: Wed, 04 Jan 2023 12:32:45 GMT
x-swift-cachetime: 15546689
timing-allow-origin: *
eagleid: 3ad72f2e16734753450722879e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
58.215.47.238200 OK 1.0 kB URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash 8c6a6de562181b71d2867e2711f31df9
6e3aed7b36431b15293f6a3a1c66567a6fec5334
f65233dc7f87033f78a736238467c78ce1973af259b67f932c285a0f180174ee
GET /duoteimg/dtnew_assets/pc/js/soft/auto_complete.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 1015
date: Wed, 19 Oct 2022 03:08:25 GMT
vary: Accept-Encoding
x-oss-request-id: 634F6A297AA92E33352FF6B9
x-oss-cdn-auth: success
last-modified: Wed, 19 Oct 2022 02:15:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3181168464323094172
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 20 Oct 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVRiBgICaq4y4nxgiIDJjNjljMDkwMWY0MjQ4N2JhZTA2NmEwOWJkZmNhMWYx
content-md5: 5qfmF/GrELbus726BAkyLQ==
x-oss-server-time: 29
content-encoding: gzip
ali-swift-global-savetime: 1666148905
via: cache25.l2cn3047[52,52,200-0,M], cache32.l2cn3047[53,0], vcache28.cn4730[0,0,200-0,H], vcache26.cn4730[1,0]
age: 7326440
x-cache: HIT TCP_MEM_HIT dirn:11:408669230
x-swift-savetime: Wed, 19 Oct 2022 03:08:25 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: 3ad72f2e16734753450932886e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/js/baidu_js_push.js
58.215.47.238200 OK 359 B URL HTTP/2 img4.duote.com/duoteimg/js/baidu_js_push.js
IP 58.215.47.238:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type ASCII text, with CRLF line terminators
Hash f63ef5e096ef52af0cb95b8d2f3fda32
8d6dcc307c816618f7b26e1482d16d447f382e51
e0679eaf3f94f9353f167a1ebe1a8424c61631cc9be2d5a5445ba35e77f58932
GET /duoteimg/js/baidu_js_push.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 359
date: Mon, 19 Dec 2022 17:16:09 GMT
x-oss-request-id: 63A09C59AFFD70313763EF54
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "F63EF5E096EF52AF0CB95B8D2F3FDA32"
last-modified: Tue, 21 Jun 2022 08:41:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2603761381065918884
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Wed, 22 Jun 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQUxiBgID4uNiVjBgiIDdjODgyMTExYzA2OTQ5NmU4NjMxZTI4MDZmMTc2NGEx
content-md5: 9j714JbvUq8MuVuNLz/aMg==
x-oss-server-time: 5
ali-swift-global-savetime: 1671470169
via: cache17.l2cn3037[0,0,304-0,H], cache58.l2cn3037[0,0], vcache4.cn4730[0,0,200-0,H], vcache26.cn4730[1,0]
age: 2005176
x-cache: HIT TCP_MEM_HIT dirn:10:423947236
x-swift-savetime: Mon, 19 Dec 2022 21:33:55 GMT
x-swift-cachetime: 15536534
timing-allow-origin: *
eagleid: 3ad72f2e16734753452172917e
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/17220.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/17220.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/17220.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3915338100,2086127817&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
static.mediav.com/js/mvf_pm_slider.js
101.198.192.7200 OK 40 kB URL HTTP/1.1 static.mediav.com/js/mvf_pm_slider.js
IP 101.198.192.7:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (65536), with no line terminators, with escape sequences
Hash b23b60a7adefb62f50583079ed66f03b
965ea6506ea6c004b1135f23c10c67484fc0d238
987d03cb317bd411589ab916be6ea0e5aaabf8de0e94a2de7712beff577a62f8
GET /js/mvf_pm_slider.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:42 GMT
Vary: Accept-Encoding
Expires: Thu, 12 Jan 2023 03:15:45 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc01.hkht;HIT from w-sc04.bjyt
12803.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
154.218.151.71200 OK 1.2 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cc3e19fad8a144bf1e7bf400678f99cb
6ac3ec9a26fdec416640a98d24564ddee9886999
1725f9122ad4ec5075cd0967aef3ef5aff312d90e17a33b854d71434f7cbba4c
GET /template/company/duote-xiazai/images/icon-sprites.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/png
Content-Length: 1160
Last-Modified: Sun, 06 Nov 2022 08:21:18 GMT
Connection: keep-alive
ETag: "63676e7e-488"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/images/like.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/like.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/like.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:22 GMT
Connection: keep-alive
ETag: "63676e82-199"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/images/dislike.png
154.218.151.71200 OK 295 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/dislike.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 16 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash a23e4dc6044953a149d0eb87aa9df5a4
48ab906d07b8d3265c0de7255d41d5352df29b9d
0342c264fcaac6c9fb4c0ea801d56145043dcd37613bddc633a6333c783eb2b9
GET /template/company/duote-xiazai/images/dislike.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/png
Content-Length: 295
Last-Modified: Sun, 06 Nov 2022 08:21:09 GMT
Connection: keep-alive
ETag: "63676e75-127"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
154.218.151.71200 OK 80 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32074), with CRLF line terminators
Hash e81ec1034a64ade1aa8b290326108e91
67aa74b0a4d0039f59acacca2ee6eee5ebaa312e
825cd708c0562c4b038d007351af36e0c4b34a32c0a1e8fd5852206417cbf94e
GET /template/company/duote-xiazai/js/jquery-ui.min.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-3def1"
Expires: Thu, 12 Jan 2023 10:15:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/images/left.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/left.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/left.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:20 GMT
Connection: keep-alive
ETag: "63676e80-199"
Accept-Ranges: bytes
12803.url.tudown.com/uploads/images/logo.png?n=465y3zmfwts3raxfxo5oplmr4w32lz5irptjzcpjtgiornfd4s53xzmfvtsy7oa&w=250
154.218.151.71200 OK 3.5 kB URL HTTP/1.1 12803.url.tudown.com/uploads/images/logo.png?n=465y3zmfwts3raxfxo5oplmr4w32lz5irptjzcpjtgiornfd4s53xzmfvtsy7oa&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 0b272865b931d7cfab7bfe782830ddd4
4c4c4035f4affc241a0ce63ce88dc09e2409c9f2
8948ca81266e22f7fc964a94dca0732959723a13ef8818daa286c20c13da5adf
GET /uploads/images/logo.png?n=465y3zmfwts3raxfxo5oplmr4w32lz5irptjzcpjtgiornfd4s53xzmfvtsy7oa&w=250 HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
12803.url.tudown.com/template/company/duote-xiazai/images/right.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/right.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/right.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:30 GMT
Connection: keep-alive
ETag: "63676e8a-199"
Accept-Ranges: bytes
12803.url.tudown.com/uploads/images/268523.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/268523.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/268523.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2041088391,3598950425&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=500
12803.url.tudown.com/common/ipnotice/
154.218.151.71200 OK 17 kB URL HTTP/1.1 12803.url.tudown.com/common/ipnotice/
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 49ee7a08d401d92f97b6ee0bb1a06a0a
606ceb3a37bfd1a852c9ea84b9be5a250e3c8b96
08e4b6c0fa285f7406177c5434fac60bf523faf04779cad04c4d03212f783575
GET /common/ipnotice/ HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12803.url.tudown.com/uploads/images/139731.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/139731.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/139731.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3067189094,2073885791&fm=253&app=138&f=JPEG?w=500&h=800
ocsp.globalsign.com/gsrsaovsslca2018
151.101.194.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.194.133:0
Hash b07efd761e8ada6266ca44e28c6081b9
59026a678ff0ea8f4b4e820eb513a03b017a3df0
7e3a5aef75571426ec270af6f8e4f7c9088f0e4b7e0b23cea0831a81ffbccc1e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 15 Jan 2023 19:50:42 GMT
ETag: "59026a678ff0ea8f4b4e820eb513a03b017a3df0"
Last-Modified: Wed, 11 Jan 2023 19:50:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 11 Jan 2023 22:15:46 GMT
Age: 2872
X-Served-By: cache-qpg1274-QPG, cache-bma1678-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 47, 3
X-Timer: S1673475346.039092,VS0,VE0
bdcode.2345.com/xtvzuvo.js
42.81.8.130200 OK 38 kB URL HTTP/1.1 bdcode.2345.com/xtvzuvo.js
IP 42.81.8.130:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash ce38d2b5c83cae8301782a83b240927e
16df7d9834814abfc742a741f2d691694eeeee8e
0afb23848a758db307769b0f6e1cc4d56e895fde0c9570ff0ee412ac6427775c
Analyzer Verdict Alert fortinet Malware
GET /xtvzuvo.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 38081
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Wed, 11 Jan 2023 23:15:45 GMT
Last-Modified: Wed, 21 Dec 2022 05:54:50 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c0ce6bafbe4a37e5-143
Server: yunjiasu
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash e18cacbfa264f41490c4bb0336e4ea0f
1f030783f91491b3c9dabb0a70e4407928a2573b
8388ee2c98d91b801bfa2077174f314f5b429a87f07e650631f86899e4bf1d5f
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 11 Jan 2023 22:08:26 GMT
last-modified: Sun, 08 Jan 2023 16:39:52 GMT
expires: Sun, 15 Jan 2023 16:39:51 GMT
etag: "1f030783f91491b3c9dabb0a70e4407928a2573b"
cache-control: max-age=564130,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb6
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7880f892f9f09262-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673474906
via: cache9.l2de2[44,44,304-0,M], cache10.l2de2[45,0], cache8.se1[0,0,200-0,H], cache4.se1[1,0], cache1.se1[4,0]
age: 440
x-cache: HIT TCP_MEM_HIT dirn:1:415811898
x-swift-savetime: Wed, 11 Jan 2023 22:08:26 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9516734753460255951e, 2ff62c9516734753460255951e
cpro.baidustatic.com/cpro/ui/pr.js
220.169.152.35200 OK 191 B URL HTTP/1.1 cpro.baidustatic.com/cpro/ui/pr.js
IP 220.169.152.35:0
File type ASCII text, with CRLF line terminators
Hash 48bbe750b892850b181762bf739e10dd
716574fe9afcde8faef513b16d6867cb07afe626
e538c894cae59538764a334e2cf2bc02e53fa6a9e4efebcd251bc5da82fa2158
GET /cpro/ui/pr.js HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 11 Jan 2023 23:10:44 GMT
Last-Modified: Tue, 30 Aug 2022 02:57:27 GMT
ETag: "630d7c97-ff"
Cache-Control: max-age=3600
Content-Encoding: gzip
Age: 301
Accept-Ranges: bytes
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 22:10:44 GMT
Ohc-Cache-HIT: yy2ct64 [2], wzix64 [1]
Ohc-File-Size: 191
X-Cache-Status: HIT
12803.url.tudown.com/uploads/images/677905.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/677905.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/677905.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4169076591,1032801632&fm=253&fmt=auto&app=138&f=JPEG?w=389&h=500
12803.url.tudown.com/uploads/images/79567.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/79567.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/79567.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=727398501,2800023730&fm=253&app=138&f=JPEG?w=800&h=500
12803.url.tudown.com/uploads/images/188788.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/188788.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/188788.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3702955826,2175744348&fm=253&fmt=auto&app=138&f=JPEG?w=893&h=500
12803.url.tudown.com/uploads/images/734987.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/734987.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/734987.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1934597386,632725518&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
222.186.17.195404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 222.186.17.195:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Wed, 11 Jan 2023 22:15:45 GMT
ali-swift-global-savetime: 1673475345
via: cache78.l2cn3037[21,21,404-1280,M], cache39.l2cn3037[22,0], cache39.l2cn3037[23,0], ens-vcache14.cn5274[0,0,404-0,H], ens-vcache5.cn5274[1,0]
age: 0
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 11 Jan 2023 22:15:45 GMT
x-swift-cachetime: 1
timing-allow-origin: *
eagleid: deba119816734753459485878e
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/685049.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/685049.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/685049.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3259656547,3708664159&fm=253&fmt=auto&app=138&f=JPG?w=640&h=467
12803.url.tudown.com/uploads/images/736577.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/736577.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/736577.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2395898416,1457217133&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
bdcode.2345.com/kolimnn.js
42.81.8.130200 OK 4.0 kB URL HTTP/1.1 bdcode.2345.com/kolimnn.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (11438), with no line terminators
Hash 4927ec7cf61077c3cb553d1e91fbe407
81cecb6db2e670675c9bdac9c8c9225b987262cc
439bad0c6b3cec8c27d7bd369cf89917af4deec831c07836e4e1d265113a641c
Analyzer Verdict Alert fortinet Malware
GET /kolimnn.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 4034
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Wed, 11 Jan 2023 23:15:46 GMT
Last-Modified: Tue, 08 Mar 2022 10:11:23 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c0ce6bb5be5337e5-143
Server: yunjiasu
12803.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
154.218.151.71200 OK 1.3 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 178 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e22e63af128066b4d249bec71934fa7
09313b9c9717d049883d7c82b3b87f1a4af28408
ea827b6f53f2f091eb1a9ab83c5f53c5f4215e5a14721037af0b50dc47ffe5b0
GET /template/company/duote-xiazai/images/newbtnbg.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/png
Content-Length: 1308
Last-Modified: Sun, 06 Nov 2022 08:21:23 GMT
Connection: keep-alive
ETag: "63676e83-51c"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/biaoq-icon.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/global.css
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:07 GMT
Connection: keep-alive
ETag: "63676e73-199"
Accept-Ranges: bytes
img0.baidu.com/it/u=4234938707,4217609761&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=867
36.99.3.35200 OK 32 kB URL HTTP/1.1 img0.baidu.com/it/u=4234938707,4217609761&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=867
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x867, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 010686a2f29cc5556e6fc1a4fde4cc84
cb1897018cc2072e5404d88d308cae258478e4e5
d077b2e60dbbae8c2fb2a7aa17431bd2eac9441f85ff8070fda4566f342354f8
GET /it/u=4234938707,4217609761&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=867 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/webp
Content-Length: 32280
Connection: keep-alive
Expires: Sat, 21 Jan 2023 15:25:37 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 010686a2f29cc5556e6fc1a4fde4cc84
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 22 Dec 2022 15:25:37 GMT
Ohc-Cache-HIT: ly4ct92 [1], suzix210 [2]
Ohc-File-Size: 32280
X-Cache-Status: MISS
union2.50bang.org/web/duoteall?uId2=QUTQSSUNRS&r=&fBL=1280*1024
180.101.190.124200 OK 0 B URL HTTP/1.1 union2.50bang.org/web/duoteall?uId2=QUTQSSUNRS&r=&fBL=1280*1024
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web/duoteall?uId2=QUTQSSUNRS&r=&fBL=1280*1024 HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: uidFlag=1; path=/; domain=union2.50bang.org; expires=Sun,22-Feb-2099 00:00:00 GMT
uUid=E95D63BF351200041EFB40B20008; path=/; domain=union2.50bang.org; expires=Sun,22-Feb-2099 00:00:00 GMT
uHTL=1; path=/web/duoteall; expires=Sun,22-Feb-2099 00:00:00 GMT
uHTT=1673475346; path=/web/duoteall; expires=Sun,22-Feb-2099 00:00:00 GMT
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Length: 0
12803.url.tudown.com/uploads/images/182972.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/182972.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/182972.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1336896760,2293914509&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/105522.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/105522.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/105522.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1082250035,2454225254&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
12803.url.tudown.com/uploads/images/597573.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/597573.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/597573.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3644573793,348027016&fm=253&fmt=auto&app=120&f=JPEG?w=354&h=500
12803.url.tudown.com/uploads/images/126317.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/126317.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/126317.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1551797485,3330912731&fm=253&fmt=auto&app=138&f=JPEG?w=279&h=419
img1.baidu.com/it/u=1934597386,632725518&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
14.29.98.35200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=1934597386,632725518&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x706, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e10bd6ec59e69a01023c1b860533ac47
c6b879cc4a55cae6f53937c1d81c2b3517e47a0d
eb20793f12d5237eb03a7daff0986b8cc11d1a275bde5f7054afc09bad1d182f
GET /it/u=1934597386,632725518&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:46 GMT
content-type: image/webp
content-length: 26956
expires: Sun, 15 Jan 2023 11:41:47 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: e10bd6ec59e69a01023c1b860533ac47
age: 194585
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 16 Dec 2022 11:41:47 GMT
ohc-cache-hit: gz3ct55 [4], bdix182 [4]
ohc-file-size: 26956
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3259656547,3708664159&fm=253&fmt=auto&app=138&f=JPG?w=640&h=467
36.99.3.35200 OK 32 kB URL HTTP/2 img0.baidu.com/it/u=3259656547,3708664159&fm=253&fmt=auto&app=138&f=JPG?w=640&h=467
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x467, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 510380333dc3b6d10f7904666fa090ae
fcf986b1d1dcce5ab1dd204c7912d91d468a537d
5d64bd03c816c51e0c65f85d531f9e4fa852930cc579b7e93e4a6a93bf191c65
GET /it/u=3259656547,3708664159&fm=253&fmt=auto&app=138&f=JPG?w=640&h=467 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:46 GMT
content-type: image/webp
content-length: 32540
expires: Fri, 03 Feb 2023 15:55:35 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 510380333dc3b6d10f7904666fa090ae
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 04 Jan 2023 15:55:35 GMT
ohc-cache-hit: ly4ct85 [1], qdix85 [2]
ohc-file-size: 32540
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3067189094,2073885791&fm=253&app=138&f=JPEG?w=500&h=800
14.29.98.35200 OK 64 kB URL HTTP/1.1 img1.baidu.com/it/u=3067189094,2073885791&fm=253&app=138&f=JPEG?w=500&h=800
IP 14.29.98.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x800, components 3\012- data
Hash b69b48d0e168a252a2b465b6f10b373e
91431b5cf6a8fe621dd19356492ee854506fef44
a9fbf363f382e914ed1c2a513b58068c253ee422f24be079db82722ff4d3de34
GET /it/u=3067189094,2073885791&fm=253&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpeg
Content-Length: 64229
Connection: keep-alive
Expires: Fri, 10 Feb 2023 16:10:22 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: b69b48d0e168a252a2b465b6f10b373e
Age: 1911
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 16:10:22 GMT
Ohc-Cache-HIT: gz3ct59 [4], wzix94 [2]
Ohc-File-Size: 64229
X-Cache-Status: HIT
12803.url.tudown.com/uploads/images/332142.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/332142.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/332142.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2676175092,2473941790&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
12803.url.tudown.com/uploads/images/727481.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/727481.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/727481.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1603991101,4227772788&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
push.zhanzhang.baidu.com/push.js
182.61.240.101200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 11 Jan 2023 22:15:46 GMT
Etag: "4078521116"
Expires: Thu, 11 Jan 2024 22:15:46 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=45633DF8EC48C5CF4A7126E0187AB49D:FG=1; max-age=31536000; expires=Thu, 11-Jan-24 22:15:46 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
12803.url.tudown.com/uploads/images/73288.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/73288.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/73288.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=4151348079,3788955440&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/276290.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/276290.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/276290.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2553579396,1892582398&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=300
12803.url.tudown.com/uploads/images/250494.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/250494.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/250494.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1163646304,3709364812&fm=253&app=120&f=JPEG?w=1422&h=800
sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
60.190.116.48200 OK 123 kB URL HTTP/1.1 sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
IP 60.190.116.48:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 123 kB (123037 bytes)
Hash c39ed7d28cee6240d44cc5b5c2bbd686
eab7220ff1195b14d9c1c21ae4fcad33315549b5
cd5d1c61337dd6b5a3ddffdc95ed7da921b125c9911aa22eaef8f054a2345459
GET /js/dfxaf3-635b4cd6.js HTTP/1.1
Host: sofire.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 12 Jan 2023 06:49:04 GMT
Last-Modified: Fri, 06 Jan 2023 03:24:00 GMT
ETag: "6c8af00e14f394b624a4b374d18b9b7a"
Content-Encoding: gzip
Age: 228402
Accept-Ranges: bytes
Content-MD5: bIrwDhTzlLYkpLN00Yubeg==
x-bce-content-crc32: 1362413814
x-bce-debug-id: oBRnL9Rm6mktChfh+Q/bZOLxVybYIdLP1hOBqfmojYkP0j/g0lHmCeGRQa0TvkxHWlcUmy/vEhEATyXRFP3ibg==
x-bce-request-id: 721fd90f-6b1d-43c1-a6da-3188e9ec3add
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 06:49:04 GMT
Ohc-Cache-HIT: wz2ct55 [2], nb2ctcache51 [2]
Ohc-Response-Time: 1 0 0 0 0 0
img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
101.226.28.222200 OK 41 kB URL HTTP/1.1 img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
IP 101.226.28.222:0
ASN #4812 China Telecom Group
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 910x86, components 3\012- data
Hash f8f15f37c9961bc7463d1df83059d32c
7b4aa49eaed0106e8722fda960d4f397b78e7811
eb99269720c3ad25a285d1cae14a73f57a45ffe3e1f086f1e0a8351a83e62cc0
GET /duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg HTTP/1.1
Host: img4.runjiapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 41017
Connection: keep-alive
Date: Wed, 04 Jan 2023 09:53:50 GMT
x-oss-request-id: 63B54CAE8873C53939421D90
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "F8F15F37C9961BC7463D1DF83059D32C"
Last-Modified: Fri, 04 Sep 2020 08:59:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2768094505068467474
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Sat, 05 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
Content-MD5: +PFfN8mWG8dGPR34MFnTLA==
x-oss-server-time: 18
Ali-Swift-Global-Savetime: 1672826030
Via: cache45.l2cn1807[0,0,200-0,H], cache50.l2cn1807[0,0], vcache15.cn4757[0,0,200-0,H], vcache6.cn4757[1,0]
Age: 649316
X-Cache: HIT TCP_MEM_HIT dirn:9:401391745
X-Swift-SaveTime: Wed, 04 Jan 2023 09:55:49 GMT
X-Swift-CacheTime: 15551881
Timing-Allow-Origin: *
EagleId: 65e21c9a16734753464354975e
img1.baidu.com/it/u=4169076591,1032801632&fm=253&fmt=auto&app=138&f=JPEG?w=389&h=500
14.29.98.35200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=4169076591,1032801632&fm=253&fmt=auto&app=138&f=JPEG?w=389&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 389x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2775a3f01c1077ab95a8087204d43d22
e1e1d198f0f2d2272fbd6b16f735b13a29abed1a
b7b55adf03c7b9bbc2cf0ea41e21f7954f550cd304fd6d6e406e67c6e651be59
GET /it/u=4169076591,1032801632&fm=253&fmt=auto&app=138&f=JPEG?w=389&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:46 GMT
content-type: image/webp
content-length: 14848
expires: Fri, 27 Jan 2023 04:22:08 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 2775a3f01c1077ab95a8087204d43d22
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 04:22:08 GMT
ohc-cache-hit: gz3ct57 [1], xiangyix77 [2]
ohc-file-size: 14848
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2041088391,3598950425&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=500
14.29.98.35200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=2041088391,3598950425&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 349x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 967feaebb56f2d08cb015ae9b5cdd5ae
8848fc74351c4ae7d04c57497768682d11225c8b
390cef336f5e9f53ee28d55232a4c1da1dc08d7d1c61a6e75a20a31921ac470f
GET /it/u=2041088391,3598950425&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:46 GMT
content-type: image/webp
content-length: 27526
expires: Fri, 20 Jan 2023 08:24:55 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 967feaebb56f2d08cb015ae9b5cdd5ae
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 08:24:55 GMT
ohc-cache-hit: gz3ct57 [1], xaix199 [2]
ohc-file-size: 27526
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=4151348079,3788955440&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 53 kB URL HTTP/1.1 t15.baidu.com/it/u=4151348079,3788955440&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash bf3f7a1fd6d64dff85413427fb5fdaaa
1530bab877dc7e675f8f95b414edd52be00cdd2f
e7e30504f299d3d84123134a840469a1bb3a588717ab457387fc4abdee05eb6e
GET /it/u=4151348079,3788955440&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpeg
Content-Length: 52615
Connection: keep-alive
Expires: Mon, 06 Feb 2023 09:49:51 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: bf3f7a1fd6d64dff85413427fb5fdaaa
Age: 261722
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 09:49:51 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache63 [4], csix84 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 52615
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=3915338100,2086127817&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
36.99.3.35200 OK 42 kB URL HTTP/2 img0.baidu.com/it/u=3915338100,2086127817&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 25e4464cc9051bc1e1e859265969908a
5b98943f766591e5fc3687715f5162b013acd2c1
3f91688be0a9e144b31109b0f756985c0fc58dd04ce2a73b65f525cc5cca3696
GET /it/u=3915338100,2086127817&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:46 GMT
content-type: image/webp
content-length: 41798
expires: Sat, 21 Jan 2023 07:26:46 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 25e4464cc9051bc1e1e859265969908a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 07:26:46 GMT
ohc-cache-hit: ly4ct86 [1], qdix86 [2]
ohc-file-size: 41798
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=727398501,2800023730&fm=253&app=138&f=JPEG?w=800&h=500
36.99.50.35200 OK 61 kB URL HTTP/1.1 img2.baidu.com/it/u=727398501,2800023730&fm=253&app=138&f=JPEG?w=800&h=500
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash 86a3547294a0db4fcea81fbb3b0bf1fc
b16c8bcc1d9d0583c79267363699ffcfd13ca606
c418fd764fb4ffa58a210d65066f173516d363ebece5aaf894f10d9e2f3f628d
GET /it/u=727398501,2800023730&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpeg
Content-Length: 61158
Connection: keep-alive
Expires: Sat, 14 Jan 2023 09:52:04 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 86a3547294a0db4fcea81fbb3b0bf1fc
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 15 Dec 2022 09:52:04 GMT
Ohc-Cache-HIT: zz6ct60 [1], czix60 [2]
Ohc-File-Size: 61158
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/470886.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/470886.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/470886.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1157763592,3490325381&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/384723.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/384723.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/384723.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=564267584,1454964416&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img0.baidu.com/it/u=1082250035,2454225254&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
36.99.3.35200 OK 37 kB URL HTTP/2 img0.baidu.com/it/u=1082250035,2454225254&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 281x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 97e81eb063ffc02631a9e24189324ce7
5cb61856ca715f76d6996299c331f917de4e407d
4dd3060118f3631a9e793ce84050489459da44ca06a2e4653b13870b7512c485
GET /it/u=1082250035,2454225254&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:46 GMT
content-type: image/webp
content-length: 37188
expires: Wed, 18 Jan 2023 05:59:46 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 97e81eb063ffc02631a9e24189324ce7
age: 306489
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 19 Dec 2022 05:59:46 GMT
ohc-cache-hit: ly4ct91 [4], suzix214 [2]
ohc-file-size: 37188
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3644573793,348027016&fm=253&fmt=auto&app=120&f=JPEG?w=354&h=500
14.29.98.35200 OK 21 kB URL HTTP/2 img1.baidu.com/it/u=3644573793,348027016&fm=253&fmt=auto&app=120&f=JPEG?w=354&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 354x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a25076d4cecdf97459974454631abf99
807f9840428c29a2635aa2988c0e36e08e8d7b1e
d255e122b4f206deab3d106bd3871e5d7b0c15eed1c1d1d027901f40c0a5bfaf
GET /it/u=3644573793,348027016&fm=253&fmt=auto&app=120&f=JPEG?w=354&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:46 GMT
content-type: image/webp
content-length: 20856
expires: Sat, 21 Jan 2023 06:45:37 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a25076d4cecdf97459974454631abf99
age: 686961
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 06:45:37 GMT
ohc-cache-hit: gz3ct54 [4], xaix72 [4]
ohc-file-size: 20856
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/884426.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/884426.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/884426.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2835491459,3378873043&fm=253&app=120&f=JPEG?w=800&h=800
12803.url.tudown.com/uploads/images/426850.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/426850.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/426850.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2621375736,4089716409&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/780073.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/780073.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/780073.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=622441925,2513952089&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=1603991101,4227772788&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
36.99.3.35200 OK 6.7 kB URL HTTP/2 img0.baidu.com/it/u=1603991101,4227772788&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9016a7de9fd9536c4c79adcb1a2aa97f
513afe4b08b96138567c53cfebe781153e811f80
d879ab727163023276348c18dcd358f601149365056a0efb0be8e0a6f13818d6
GET /it/u=1603991101,4227772788&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:46 GMT
content-type: image/webp
content-length: 6652
expires: Thu, 09 Feb 2023 07:26:07 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 9016a7de9fd9536c4c79adcb1a2aa97f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 07:26:07 GMT
ohc-cache-hit: ly4ct53 [1], csix53 [4]
ohc-file-size: 6652
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1551797485,3330912731&fm=253&fmt=auto&app=138&f=JPEG?w=279&h=419
14.29.98.35200 OK 30 kB URL HTTP/2 img1.baidu.com/it/u=1551797485,3330912731&fm=253&fmt=auto&app=138&f=JPEG?w=279&h=419
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 279x419, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a75052fd9562ae43fc0ee769066b7a6d
2a6706c192a81ab97bc8837323fccf992b832f22
6afee078dcf06a55d3aff11940a5e5a22c9d7a22b668d3956d2b8bdbaf9c3d11
GET /it/u=1551797485,3330912731&fm=253&fmt=auto&app=138&f=JPEG?w=279&h=419 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:46 GMT
content-type: image/webp
content-length: 30384
expires: Wed, 18 Jan 2023 06:49:33 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a75052fd9562ae43fc0ee769066b7a6d
age: 304158
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 19 Dec 2022 06:49:33 GMT
ohc-cache-hit: gz3ct54 [4], qdix221 [2]
ohc-file-size: 30384
x-cache-status: HIT
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 8b5f99c3bf0c8ee8e2dd83731faf8294
9696ced73dbb48b5d2c51136f53484ba85582bed
e73e0147d86191ce780916421f05e0c6d4773d1d1a1b3a9b24bf574f56180667
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Wed, 11 Jan 2023 22:15:46 GMT
Etag: cb227a38bf5b053d7895eec9aa0858d9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=89B19A6FA5A743DA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
pos.baidu.com/auto_dup?di=0&uuid=0ac314d0bb694d51&dri=0&dis=0&dai=0&ps=0x0&enu=encoding&exps=110011&ant=0&psi=c4bdb5d0701cae56&dcb=___baidu_union_callback&dtm=AUTO_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673475331455&ti=ag%E4%BA%9A%E6%B4%B2%E5%9B%BD%E9%99%85%E6%B8%B8%E6%88%8F%E5%AE%98%E7%BD%91app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ari=2&ver=1221&dbv=0&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673475331&prot=2&rw=939<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&ecd=1&fpt=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151&dft=0&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1673475331&dc=4&aa=1
182.61.200.109200 OK 59 B URL HTTP/2 pos.baidu.com/auto_dup?di=0&uuid=0ac314d0bb694d51&dri=0&dis=0&dai=0&ps=0x0&enu=encoding&exps=110011&ant=0&psi=c4bdb5d0701cae56&dcb=___baidu_union_callback&dtm=AUTO_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673475331455&ti=ag%E4%BA%9A%E6%B4%B2%E5%9B%BD%E9%99%85%E6%B8%B8%E6%88%8F%E5%AE%98%E7%BD%91app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ari=2&ver=1221&dbv=0&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673475331&prot=2&rw=939<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&ecd=1&fpt=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151&dft=0&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1673475331&dc=4&aa=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash ded87923a212a19b226269c663c0e97c
e2c8ab5fea4a9688e161df041290d65e50f1eb03
8d73dc1ba01a53b0672b032e9f93841707014ac4725c8bf405e58b4fb7a92625
GET /auto_dup?di=0&uuid=0ac314d0bb694d51&dri=0&dis=0&dai=0&ps=0x0&enu=encoding&exps=110011&ant=0&psi=c4bdb5d0701cae56&dcb=___baidu_union_callback&dtm=AUTO_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673475331455&ti=ag%E4%BA%9A%E6%B4%B2%E5%9B%BD%E9%99%85%E6%B8%B8%E6%88%8F%E5%AE%98%E7%BD%91app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ari=2&ver=1221&dbv=0&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673475331&prot=2&rw=939<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&ecd=1&fpt=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151&dft=0&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1673475331&dc=4&aa=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-type: application/javascript;charset=UTF-8
date: Wed, 11 Jan 2023 22:15:46 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu Jan 12 06:15:46 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=A95F6E55C76F9EDD60EEB0472D883309:FG=1; expires=Thu, 11-Jan-54 22:15:46 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 59
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/493220.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/493220.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/493220.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2587251472,3892600771&fm=253&fmt=auto?w=500&h=375
img2.baidu.com/it/u=2395898416,1457217133&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
36.99.3.35200 OK 40 kB URL HTTP/2 img2.baidu.com/it/u=2395898416,1457217133&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9c15de9488c905a120609702c9040a4b
bb760db3c5093808a01577f1c43fb2ded60a1181
e8ac97bc6bc733519bd19d874ea5fd5b4f73ef5e5b39a2f50858f1c511b5ba35
GET /it/u=2395898416,1457217133&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:47 GMT
content-type: image/webp
content-length: 39462
expires: Fri, 10 Feb 2023 21:16:43 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 9c15de9488c905a120609702c9040a4b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 21:16:43 GMT
ohc-cache-hit: ly4ct85 [1], wzix85 [2]
ohc-file-size: 39462
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=622441925,2513952089&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 27 kB URL HTTP/1.1 t14.baidu.com/it/u=622441925,2513952089&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 49edcb8db5681008f307a591f95d2ce1
66b47deea69e6428eb161726e86a766c73a3c727
a3a9d385f7d36672b18e6e055d637b8ba88e6b24590ddb79a3d62f595a8edb39
GET /it/u=622441925,2513952089&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpeg
Content-Length: 27035
Connection: keep-alive
Expires: Sat, 28 Jan 2023 14:36:41 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 49edcb8db5681008f307a591f95d2ce1
Age: 3916
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 29 Dec 2022 14:36:40 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache54 [1], wzix111 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 27035
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1336896760,2293914509&fm=253&app=120&f=JPEG?w=1280&h=800
36.99.3.35200 OK 128 kB URL HTTP/1.1 img0.baidu.com/it/u=1336896760,2293914509&fm=253&app=120&f=JPEG?w=1280&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 128 kB (127804 bytes)
Hash c0093ee9e73a8ab325298392c827b082
ad197cfabb59999876e306387dd9d1e3f929c07d
21969a36a5df584c76473e7525e297320979a704b56506b5eddd34cff3c6c5de
GET /it/u=1336896760,2293914509&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpeg
Content-Length: 127804
Connection: keep-alive
Expires: Fri, 03 Feb 2023 17:18:49 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: c0093ee9e73a8ab325298392c827b082
Age: 753
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 17:18:49 GMT
Ohc-Cache-HIT: ly4ct67 [4], czix165 [2]
Ohc-File-Size: 127804
X-Cache-Status: HIT
api.share.baidu.com/s.gif?l=http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
182.61.201.94200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 11 Jan 2023 22:15:47 GMT
e2.2345.com/news/module2/js/newsModule-v2.js
180.101.199.242200 OK 40 kB URL HTTP/2 e2.2345.com/news/module2/js/newsModule-v2.js
IP 180.101.199.242:0
Hash 18464604801f2dfeb330e9f98546f622
536d79b4cdcd7e5f94a948d1163b235ddb9038cf
8039ae4e05e0b9da00ffb684af2d5d12136a105c72ac18a5a3d2e275c07a8068
GET /news/module2/js/newsModule-v2.js HTTP/1.1
Host: e2.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
date: Wed, 11 Jan 2023 21:44:05 GMT
etag: W/"5f35e38f-cacf"
last-modified: Fri, 14 Aug 2020 01:06:23 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
ali-swift-global-savetime: 1673473445
via: cache59.l2cn3037[61,61,304-0,M], cache65.l2cn3037[62,0], cache65.l2cn3037[62,0], vcache23.cn4733[0,0,200-0,H], vcache25.cn4733[1,0]
age: 1900
x-cache: HIT TCP_MEM_HIT dirn:9:217775548
x-swift-savetime: Wed, 11 Jan 2023 21:44:05 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b465c72d16734753450525372e
content-encoding: gzip
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2676175092,2473941790&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
14.29.98.35200 OK 6.8 kB URL HTTP/2 img1.baidu.com/it/u=2676175092,2473941790&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f8df4f2cec4be82819754872a5e71c8c
4171285c2898a271bfd1d5fcb36dee1c94f867b5
0726a53189827c9f754660e47e25bc4822895e6543f6c580cb1c6f9ea25b4a37
GET /it/u=2676175092,2473941790&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:46 GMT
content-type: image/webp
content-length: 6796
expires: Sat, 21 Jan 2023 03:09:48 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: f8df4f2cec4be82819754872a5e71c8c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 03:09:48 GMT
ohc-cache-hit: gz3ct53 [1], bdix136 [2]
ohc-file-size: 6796
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=1157763592,3490325381&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 36 kB URL HTTP/1.1 t14.baidu.com/it/u=1157763592,3490325381&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 66f4094a83a47e99c68758faa83753ff
6932a709157582529a63640ddce94a41ed8c2eaa
ce5a47c86c2c54fe3a51b23fa0c59199b518da569828176d222fa02dee266c9a
GET /it/u=1157763592,3490325381&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpeg
Content-Length: 36408
Connection: keep-alive
Expires: Thu, 09 Feb 2023 21:20:27 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 66f4094a83a47e99c68758faa83753ff
Age: 3063
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 21:20:26 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache62 [2], xaix210 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 36408
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/379284.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/379284.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/379284.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2500411145,1084867926&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img1.baidu.com/it/u=2553579396,1892582398&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=300
14.29.98.35200 OK 49 kB URL HTTP/2 img1.baidu.com/it/u=2553579396,1892582398&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=300
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5fa47d104ad676dd4f114b51c8f397f6
6640255285bb3c1fda74f60ba250213b54748f0e
4bc998531cce658b80587638830d40e9bd5c87b0d52c0fc96cf736d90d53f033
GET /it/u=2553579396,1892582398&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=300 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:46 GMT
content-type: image/webp
content-length: 49048
expires: Sat, 21 Jan 2023 16:19:40 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 5fa47d104ad676dd4f114b51c8f397f6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 16:19:40 GMT
ohc-cache-hit: gz3ct51 [1], qdix232 [2]
ohc-file-size: 49048
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/22627.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/22627.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/22627.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2971222348,3774757937&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
12803.url.tudown.com/uploads/images/258128.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/258128.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/258128.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2186161199,1495735048&fm=253&fmt=auto?w=1280&h=800
12803.url.tudown.com/uploads/images/746099.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/746099.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/746099.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3605258120,3388077330&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/124392.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/124392.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/124392.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2873923047,2179502859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=379
img1.baidu.com/it/u=1793377912,63440479&fm=253&fmt=auto?w=1280&h=800
14.29.98.35200 OK 90 kB URL HTTP/2 img1.baidu.com/it/u=1793377912,63440479&fm=253&fmt=auto?w=1280&h=800
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9501579d22fe9b50a9c5ed7336788b2b
f26113b9879524e45399ab6f60c4d2c4465ea844
f662dbf007c9a54576f0179e4532de5575f27345c8e82c146802ee4c8e980429
GET /it/u=1793377912,63440479&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:47 GMT
content-type: image/webp
content-length: 90416
expires: Mon, 23 Jan 2023 06:51:00 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 9501579d22fe9b50a9c5ed7336788b2b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 06:51:00 GMT
ohc-cache-hit: gz3ct54 [1], czix223 [2]
ohc-file-size: 90416
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=3605258120,3388077330&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 24 kB URL HTTP/1.1 t13.baidu.com/it/u=3605258120,3388077330&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash efbc3d41eecdc331f76a55e8d69aa80c
eb42e8b0f3d74e48bb8cd59b117c8aa107c76c1c
2efd0616c6065f75b097b3293445d20800f84d1e989700f14e22bd6dc50afff6
GET /it/u=3605258120,3388077330&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpeg
Content-Length: 23494
Connection: keep-alive
Expires: Tue, 24 Jan 2023 12:18:36 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: efbc3d41eecdc331f76a55e8d69aa80c
Age: 1504448
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 25 Dec 2022 12:18:36 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache103 [4], suzix157 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 23494
X-Cache-Status: HIT
img1.baidu.com/it/u=564267584,1454964416&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
14.29.98.35200 OK 38 kB URL HTTP/2 img1.baidu.com/it/u=564267584,1454964416&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63d1c9fb69d435d527d3d58fc4a65fde
3464d029167eb164bca3a4f8f93e06a260bbae32
4834c1948bd8ca0978171079d96c57275d58f68bf716375156aaf31d5856ce87
GET /it/u=564267584,1454964416&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:47 GMT
content-type: image/webp
content-length: 38174
expires: Tue, 31 Jan 2023 10:24:32 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 63d1c9fb69d435d527d3d58fc4a65fde
age: 899272
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 10:24:32 GMT
ohc-cache-hit: gz3ct61 [4], csix104 [2]
ohc-file-size: 38174
x-cache-status: HIT
X-Firefox-Spdy: h2
pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=2180538870&s2=346044702<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&dc=3&ti=ag%E4%BA%9A%E6%B4%B2%E5%9B%BD%E9%99%85%E6%B8%B8%E6%88%8F%E5%AE%98%E7%BD%91app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673475331&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673475331&dtm=HTML_POST&tpr=1673475331455&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=c4bdb5d0701cae56&fpt=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151&dft=0&ft=1
182.61.200.109200 OK 13 kB URL HTTP/2 pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=2180538870&s2=346044702<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&dc=3&ti=ag%E4%BA%9A%E6%B4%B2%E5%9B%BD%E9%99%85%E6%B8%B8%E6%88%8F%E5%AE%98%E7%BD%91app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673475331&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673475331&dtm=HTML_POST&tpr=1673475331455&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=c4bdb5d0701cae56&fpt=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7278)
Hash aae3f45cb3d87f34e793aa5f551c6a13
56c582602cfc3cdc5ddef70949c9f35aeb3ec5cd
36bc1c7a97a61f8eb8ce2c149e9798c62242e13de6aa490ea115efe5c861ccc3
GET /s?wid=910&hei=120&di=u4965894&s1=2180538870&s2=346044702<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&dc=3&ti=ag%E4%BA%9A%E6%B4%B2%E5%9B%BD%E9%99%85%E6%B8%B8%E6%88%8F%E5%AE%98%E7%BD%91app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673475331&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673475331&dtm=HTML_POST&tpr=1673475331455&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=c4bdb5d0701cae56&fpt=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 11 Jan 2023 22:15:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu Jan 12 06:15:47 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=0B9A4BBF404FEE35AC1D47EC9B4ACD3A:FG=1; expires=Thu, 11-Jan-54 22:15:47 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 13419
X-Firefox-Spdy: h2
t13.baidu.com/it/u=2621375736,4089716409&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 34 kB URL HTTP/1.1 t13.baidu.com/it/u=2621375736,4089716409&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 4f0d6ab38259b0477c05cab57111b59d
5a2e068abe8dc8b971d9008c98ab3d29ea7a3719
fa2d6c225aa31a2d756526b0077ec1b8afaf374e96c7902e683ad212b863beb8
GET /it/u=2621375736,4089716409&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpeg
Content-Length: 34095
Connection: keep-alive
Expires: Tue, 07 Feb 2023 07:57:07 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 4f0d6ab38259b0477c05cab57111b59d
Age: 4041
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 07:57:07 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache62 [1], xiangyix142 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 34095
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/133428.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/133428.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/133428.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=2469407609,1331297943&fm=253&app=120&f=JPEG?w=1280&h=800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=116402423&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=39108&r=0&ww=1280&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&tt=ag%E4%BA%9A%E6%B4%B2%E5%9B%BD%E9%99%85%E6%B8%B8%E6%88%8F%E5%AE%98%E7%BD%91app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=116402423&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=39108&r=0&ww=1280&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&tt=ag%E4%BA%9A%E6%B4%B2%E5%9B%BD%E9%99%85%E6%B8%B8%E6%88%8F%E5%AE%98%E7%BD%91app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=116402423&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=39108&r=0&ww=1280&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&tt=ag%E4%BA%9A%E6%B4%B2%E5%9B%BD%E9%99%85%E6%B8%B8%E6%88%8F%E5%AE%98%E7%BD%91app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 11 Jan 2023 22:15:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8AEA8310EDD617D7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img0.baidu.com/it/u=2835491459,3378873043&fm=253&app=120&f=JPEG?w=800&h=800
36.99.3.35200 OK 30 kB URL HTTP/1.1 img0.baidu.com/it/u=2835491459,3378873043&fm=253&app=120&f=JPEG?w=800&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=0, orientation=[*0*], width=0], baseline, precision 8, 800x800, components 3\012- data
Hash a7caf086accd6582981fa1291a57e4cc
d3907d10008ebe8ba80aa01504da924fc1249bac
128ddd7b890088c347b9fab19497f870f624d7af6ff721e4f239a64e82259a9e
GET /it/u=2835491459,3378873043&fm=253&app=120&f=JPEG?w=800&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpeg
Content-Length: 29790
Connection: keep-alive
Expires: Tue, 07 Feb 2023 08:49:25 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: a7caf086accd6582981fa1291a57e4cc
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 08:49:25 GMT
Ohc-Cache-HIT: ly4ct89 [1], czix89 [2]
Ohc-File-Size: 29790
X-Cache-Status: MISS
img1.baidu.com/it/u=2587251472,3892600771&fm=253&fmt=auto?w=500&h=375
14.29.98.35200 OK 52 kB URL HTTP/2 img1.baidu.com/it/u=2587251472,3892600771&fm=253&fmt=auto?w=500&h=375
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 62fad3091779e8ef4fceb09c3489c1ec
18e84356f39fe59901548525c18dfc800b9601a7
339af83079dfa8b95ba201a6ed1c5c874faf8787c92e97bf9634846283f5a790
GET /it/u=2587251472,3892600771&fm=253&fmt=auto?w=500&h=375 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:47 GMT
content-type: image/webp
content-length: 52266
expires: Wed, 08 Feb 2023 08:51:15 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 62fad3091779e8ef4fceb09c3489c1ec
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 08:51:15 GMT
ohc-cache-hit: gz3ct53 [1], wzix89 [2]
ohc-file-size: 52266
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/388474.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/388474.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/388474.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=14552907,1680792660&fm=253&app=138&f=JPEG?w=500&h=800
12803.url.tudown.com/uploads/images/209162.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/209162.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/209162.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=743094923,755532182&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/294514.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/294514.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/294514.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3600666618,3880031651&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/591359.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/591359.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/591359.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3993228290,1779746090&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/246296.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/246296.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/246296.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1039606715,3013122277&fm=253&fmt=auto?w=640&h=337
img2.baidu.com/it/u=2500411145,1084867926&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
36.99.3.35200 OK 18 kB URL HTTP/2 img2.baidu.com/it/u=2500411145,1084867926&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9714c98053d20451f29aef44a4a14537
9a6ff92060107f97d683404b26335d202277a3bc
9857a9339d8c06e5a1807d80f6abdade48d89c75c44a9cb3982a80c8d2de072d
GET /it/u=2500411145,1084867926&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:47 GMT
content-type: image/webp
content-length: 18128
expires: Sun, 29 Jan 2023 03:49:54 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 9714c98053d20451f29aef44a4a14537
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 30 Dec 2022 03:49:54 GMT
ohc-cache-hit: ly4ct83 [1], suzix245 [4]
ohc-file-size: 18128
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2971222348,3774757937&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
36.99.3.35200 OK 3.9 kB URL HTTP/2 img2.baidu.com/it/u=2971222348,3774757937&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash def18d44d97940acca2d09fea5a008ec
828f8814e55783d18afa9f9616929ffdd93890ff
8c9dbe0a51f098757b3cbea767ee95c4a967f142b3aa2e90606ed6c927f05301
GET /it/u=2971222348,3774757937&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:47 GMT
content-type: image/webp
content-length: 3862
expires: Wed, 08 Feb 2023 09:00:52 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: def18d44d97940acca2d09fea5a008ec
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 09:00:52 GMT
ohc-cache-hit: ly4ct98 [1], csix115 [2]
ohc-file-size: 3862
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=3600666618,3880031651&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 44 kB URL HTTP/1.1 t15.baidu.com/it/u=3600666618,3880031651&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 6fa7d54f4f64eb422d88cf20caa340cd
1539a4f9807593061efcea6a9731fb7d84a4e391
74910e0c3cd523cebfc4fdaa578cabc16d0b0df83f91c0a0c8aab16c5c9ecf4b
GET /it/u=3600666618,3880031651&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpeg
Content-Length: 43930
Connection: keep-alive
Expires: Mon, 06 Feb 2023 15:25:56 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 6fa7d54f4f64eb422d88cf20caa340cd
Age: 1344
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 15:25:56 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache64 [2], wzix97 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 43930
X-Cache-Status: HIT
Timing-Allow-Origin: *
pos.baidu.com/s?wid=912&hei=200&di=u5039524&s1=1062401285&s2=4274912028<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&dc=3&ti=ag%E4%BA%9A%E6%B4%B2%E5%9B%BD%E9%99%85%E6%B8%B8%E6%88%8F%E5%AE%98%E7%BD%91app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673475331&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673475331&dtm=HTML_POST&tpr=1673475331455&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=c4bdb5d0701cae56&fpt=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151&dft=0&ft=1
182.61.200.109200 OK 15 kB URL HTTP/2 pos.baidu.com/s?wid=912&hei=200&di=u5039524&s1=1062401285&s2=4274912028<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&dc=3&ti=ag%E4%BA%9A%E6%B4%B2%E5%9B%BD%E9%99%85%E6%B8%B8%E6%88%8F%E5%AE%98%E7%BD%91app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673475331&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673475331&dtm=HTML_POST&tpr=1673475331455&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=c4bdb5d0701cae56&fpt=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (40779)
Hash 635b7b2d85ca83acb52ae43482ec8597
a60369ac845c753ae34843b71b6b341c82e1aec0
348adea81b298882b89d59c8ef84dcb7782ec846c5f30535f6c2ead392768224
GET /s?wid=912&hei=200&di=u5039524&s1=1062401285&s2=4274912028<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&dc=3&ti=ag%E4%BA%9A%E6%B4%B2%E5%9B%BD%E9%99%85%E6%B8%B8%E6%88%8F%E5%AE%98%E7%BD%91app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673475331&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673475331&dtm=HTML_POST&tpr=1673475331455&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=c4bdb5d0701cae56&fpt=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 11 Jan 2023 22:15:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu Jan 12 06:15:47 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=0B9A4BBF404FEE35A7F4D889812B9E29:FG=1; expires=Thu, 11-Jan-54 22:15:47 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 14972
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2186161199,1495735048&fm=253&fmt=auto?w=1280&h=800
36.99.3.35200 OK 37 kB URL HTTP/2 img0.baidu.com/it/u=2186161199,1495735048&fm=253&fmt=auto?w=1280&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cf31f7f915136cc2c401cd9b0eb9300d
408ebb6501c21f2aa3f49a0ba0010d7161368994
af83cbb8a7f0bb2269cab6049a63538539d0a8af27af95236fd42c7705a94892
GET /it/u=2186161199,1495735048&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:47 GMT
content-type: image/webp
content-length: 37314
expires: Mon, 30 Jan 2023 22:04:48 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: cf31f7f915136cc2c401cd9b0eb9300d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 31 Dec 2022 22:04:48 GMT
ohc-cache-hit: ly4ct82 [1], csix82 [2]
ohc-file-size: 37314
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2873923047,2179502859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=379
36.99.3.35200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=2873923047,2179502859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=379
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x379, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bf3b059df1b807c52a73e3b6ba7290c1
f982d83ece1ce9753c1101121db9fe4a232d9d5b
3a7a936aef608afe45ee0ab181483a643c547e626dca37cba12016b37e543375
GET /it/u=2873923047,2179502859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=379 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:47 GMT
content-type: image/webp
content-length: 13190
expires: Sat, 14 Jan 2023 16:45:20 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: bf3b059df1b807c52a73e3b6ba7290c1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 15 Dec 2022 16:45:20 GMT
ohc-cache-hit: ly4ct86 [1], wzix86 [2]
ohc-file-size: 13190
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=3993228290,1779746090&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 39 kB URL HTTP/1.1 t13.baidu.com/it/u=3993228290,1779746090&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0040264420ef153ab3c0b7e7e83d0b42
f6ac9efcf4df9f7ec29859c8e94b2e8b1415bc76
820fda4cc93ddedda12c439a81a29b7fd5b0e2a948aeb231d20ba058474d3575
GET /it/u=3993228290,1779746090&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpeg
Content-Length: 39445
Connection: keep-alive
Expires: Tue, 17 Jan 2023 09:37:21 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 0040264420ef153ab3c0b7e7e83d0b42
Age: 1450329
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 18 Dec 2022 09:37:20 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache60 [1], wzix117 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39445
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/875361.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/875361.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/875361.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2419094801,3554651088&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=1163646304,3709364812&fm=253&app=120&f=JPEG?w=1422&h=800
36.99.3.35200 OK 178 kB URL HTTP/1.1 img0.baidu.com/it/u=1163646304,3709364812&fm=253&app=120&f=JPEG?w=1422&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 178 kB (177576 bytes)
Hash d3153b4ed3586155f3f4ecd5a3227944
6c15a79976e62935ddd0e47ff8b09c0007791787
5007e35e7252d5b672220d5a25d53043a1fc3f436d81795bfaa86533224c9c47
GET /it/u=1163646304,3709364812&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:46 GMT
Content-Type: image/jpeg
Content-Length: 177576
Connection: keep-alive
Expires: Thu, 12 Jan 2023 10:15:28 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: d3153b4ed3586155f3f4ecd5a3227944
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 13 Dec 2022 10:15:28 GMT
Ohc-Cache-HIT: ly4ct90 [1], wzix90 [2]
Ohc-File-Size: 177576
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/49735.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/49735.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/49735.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=438675357,1979954914&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/313928.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/313928.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/313928.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3189930313,4075133161&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/899460.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/899460.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/899460.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2576441412,3415456545&fm=253&fmt=auto&app=138&f=JPEG?w=693&h=500
12803.url.tudown.com/uploads/images/966168.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/966168.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/966168.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=228529902,2068942895&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
img0.baidu.com/it/u=743094923,755532182&fm=253&app=120&f=JPEG?w=1280&h=800
36.99.3.35200 OK 150 kB URL HTTP/1.1 img0.baidu.com/it/u=743094923,755532182&fm=253&app=120&f=JPEG?w=1280&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 150 kB (149727 bytes)
Hash 1f8946c9c21be8f3d5aec34f6c403e3d
a17425400dc2c8b9ee4e5a6c4b1b47ad0820b74b
655bad7bbb96ebae4841a6623bf332e8e21dcecd751b20f65d3550f4ae6c221a
GET /it/u=743094923,755532182&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpeg
Content-Length: 149727
Connection: keep-alive
Expires: Mon, 23 Jan 2023 03:32:52 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 1f8946c9c21be8f3d5aec34f6c403e3d
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 24 Dec 2022 03:32:52 GMT
Ohc-Cache-HIT: ly4ct92 [2], xiangyix199 [3]
Ohc-File-Size: 149727
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/348940.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/348940.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/348940.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3670077508,4211191451&fm=224&app=112&f=JPEG?w=284&h=284
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-c41746906a8d4fe9f87169d213d7c5c762ac0b5c&9=0&10=1&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&t=1673475332357&r=init
36.110.192.156200 OK 107 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-c41746906a8d4fe9f87169d213d7c5c762ac0b5c&9=0&10=1&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&t=1673475332357&r=init
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 5e26e1d92b6da357276d473c17a4f4e8
75dd9290d7562785332d92625fc6c21f4867222e
397409eaee234089e210762c2617c950c070edd95a62af70acb140528f091d6f
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-c41746906a8d4fe9f87169d213d7c5c762ac0b5c&9=0&10=1&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fcatia%2520v5r24%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%2520%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40169_55824.exe&t=1673475332357&r=init HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Wed, 11 Jan 2023 22:15:47 GMT
content-length: 107
X-Firefox-Spdy: h2
t14.baidu.com/it/u=3189930313,4075133161&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 40 kB URL HTTP/1.1 t14.baidu.com/it/u=3189930313,4075133161&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 2f1b484d947942d8b811c3e32f020e9d
93398f1c1a2232a20056339c8c94b31d7eba9b2f
fe41c6abd9ae0af39f19bd3412b98da7fcafa44902c22d41f62760ab87a7ba42
GET /it/u=3189930313,4075133161&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpeg
Content-Length: 39773
Connection: keep-alive
Expires: Wed, 08 Feb 2023 07:21:41 GMT
Last-Modified: Mon, 19 Jan 1970 00:00:00 GMT
ETag: 2f1b484d947942d8b811c3e32f020e9d
Age: 573
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 07:21:41 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache50 [2], suzix50 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39773
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=2419094801,3554651088&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 57 kB URL HTTP/1.1 t13.baidu.com/it/u=2419094801,3554651088&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d7b73f6d148a84b432440b31dc1f964d
c9a7ea041d7638ec4104eba1ff893634f203473d
8d1402c7e06d321da6dd85bf13a6268d1e468c3d09d3bb581bde9ae271a8c865
GET /it/u=2419094801,3554651088&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpeg
Content-Length: 57156
Connection: keep-alive
Expires: Fri, 13 Jan 2023 09:39:51 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: d7b73f6d148a84b432440b31dc1f964d
Age: 934024
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 14 Dec 2022 09:39:51 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache65 [1], xiangyix191 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 57156
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1039606715,3013122277&fm=253&fmt=auto?w=640&h=337
36.99.3.35200 OK 17 kB URL HTTP/2 img0.baidu.com/it/u=1039606715,3013122277&fm=253&fmt=auto?w=640&h=337
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x337, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2efc2110541ccf212976248eacfc744a
6dd4db7ec40fac2ebe7fa6297ccb2acd29f40cca
12ac2bb2332ba32de68b287f7d6c305888467627ce5d927072b237384cffc2e5
GET /it/u=1039606715,3013122277&fm=253&fmt=auto?w=640&h=337 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:47 GMT
content-type: image/webp
content-length: 17112
expires: Sun, 05 Feb 2023 04:46:20 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 2efc2110541ccf212976248eacfc744a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 04:46:20 GMT
ohc-cache-hit: ly4ct77 [1], suzix185 [2]
ohc-file-size: 17112
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=3670077508,4211191451&fm=224&app=112&f=JPEG?w=284&h=284
185.10.104.124200 OK 23 kB URL HTTP/1.1 t15.baidu.com/it/u=3670077508,4211191451&fm=224&app=112&f=JPEG?w=284&h=284
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 284x284, components 3\012- data
Hash 1ba2a3ce706ad52d9350ae7b7c60538a
57c49e1825ec53e3e2e67a3b47b8cd704158cfc5
d71cac3c4a6c3b172cabf5e45d189f5c2a4940a4e7fc8ec0f7e3b6053ca6d5c2
GET /it/u=3670077508,4211191451&fm=224&app=112&f=JPEG?w=284&h=284 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpeg
Content-Length: 22840
Connection: keep-alive
Expires: Tue, 24 Jan 2023 14:17:09 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 1ba2a3ce706ad52d9350ae7b7c60538a
Age: 1450278
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 25 Dec 2022 14:17:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache53 [1], czix170 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 22840
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=2469407609,1331297943&fm=253&app=120&f=JPEG?w=1280&h=800
14.29.98.35200 OK 110 kB URL HTTP/1.1 img1.baidu.com/it/u=2469407609,1331297943&fm=253&app=120&f=JPEG?w=1280&h=800
IP 14.29.98.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 110 kB (110507 bytes)
Hash dddde5d2afcb3641203aa140b9ac2ef8
e114f57c0b4f739e1da1962bcac7301a8c9e25fe
483cf231ac0d0c50b8fbeb47713f4884226a5cc0a4afe0d28caa0ccb2a651caf
GET /it/u=2469407609,1331297943&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpeg
Content-Length: 110507
Connection: keep-alive
Expires: Wed, 01 Feb 2023 20:04:09 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: dddde5d2afcb3641203aa140b9ac2ef8
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 02 Jan 2023 20:04:09 GMT
Ohc-Cache-HIT: gz3ct53 [1], csix116 [2]
Ohc-File-Size: 110507
X-Cache-Status: MISS
img1.baidu.com/it/u=14552907,1680792660&fm=253&app=138&f=JPEG?w=500&h=800
14.29.98.35200 OK 52 kB URL HTTP/1.1 img1.baidu.com/it/u=14552907,1680792660&fm=253&app=138&f=JPEG?w=500&h=800
IP 14.29.98.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x800, components 3\012- data
Hash a91c9dcdbcb6a73f6a45ca6c3aff0dcc
df7b8cc8e817c77c5f07fa7d0b5de112cdd617e2
69dbdd5cda1c789f68311df5ceb3491731c6806405e6f8f2bf0e234da5895d8a
GET /it/u=14552907,1680792660&fm=253&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:47 GMT
Content-Type: image/jpeg
Content-Length: 51551
Connection: keep-alive
Expires: Mon, 23 Jan 2023 14:09:29 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: a91c9dcdbcb6a73f6a45ca6c3aff0dcc
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 24 Dec 2022 14:09:29 GMT
Ohc-Cache-HIT: gz3ct52 [1], xiangyix103 [2]
Ohc-File-Size: 51551
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/207612.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/207612.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/207612.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1749118008,3053599938&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/370056.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/370056.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/370056.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2694016541,475717950&fm=224&app=112&f=JPEG?w=356&h=500
img1.baidu.com/it/u=438675357,1979954914&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
14.29.98.35200 OK 8.2 kB URL HTTP/2 img1.baidu.com/it/u=438675357,1979954914&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e06690c825499aab9b57684359d44c3b
35778f92a231d78854f7b2168038638f501e520e
ad06fd54999610318605602124bd988609260b5abce12432a2ec7eade35e7ed1
GET /it/u=438675357,1979954914&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:48 GMT
content-type: image/webp
content-length: 8238
expires: Sat, 21 Jan 2023 20:14:36 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: e06690c825499aab9b57684359d44c3b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 20:14:36 GMT
ohc-cache-hit: gz3ct55 [1], suzix112 [2]
ohc-file-size: 8238
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=1749118008,3053599938&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 22 kB URL HTTP/1.1 t14.baidu.com/it/u=1749118008,3053599938&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 57a29153cf378e75b9a4fa5fe7fafecf
7ae595969aa163637af301ac0749946f9c3c88cb
e93ab3151130f1adb1db284b1eb956509d631ec88dbcb5ff28a4871231e62163
GET /it/u=1749118008,3053599938&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpeg
Content-Length: 21911
Connection: keep-alive
Expires: Mon, 23 Jan 2023 12:57:24 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 57a29153cf378e75b9a4fa5fe7fafecf
Age: 224829
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 24 Dec 2022 12:57:24 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache55 [1], xaix55 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 21911
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=228529902,2068942895&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
14.29.98.35200 OK 19 kB URL HTTP/2 img1.baidu.com/it/u=228529902,2068942895&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2fa9f234af8eb98b145a1c738fc70e9e
ce1b2645b89e5589ed1336d5f55a178d75318dbe
770b08eb1b75af6e4e5e266f15aae711d5a23acb127ff00522e8d69b00a7bb1d
GET /it/u=228529902,2068942895&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:48 GMT
content-type: image/webp
content-length: 19160
expires: Thu, 19 Jan 2023 03:30:21 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 2fa9f234af8eb98b145a1c738fc70e9e
age: 1093759
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 20 Dec 2022 03:30:21 GMT
ohc-cache-hit: gz3ct57 [4], bdix64 [4]
ohc-file-size: 19160
x-cache-status: HIT
X-Firefox-Spdy: h2
t15.baidu.com/it/u=2694016541,475717950&fm=224&app=112&f=JPEG?w=356&h=500
185.10.104.124200 OK 40 kB URL HTTP/1.1 t15.baidu.com/it/u=2694016541,475717950&fm=224&app=112&f=JPEG?w=356&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 356x500, components 3\012- data
Hash fe8f93ba0aff10661c3aecabef2cf7ff
fae658dd0d252fd8fc6673a6805eff04e2ec492d
44a084eb62804f945b3dd382d2fcd18fe7d5ac0c30e65b25dacc35c3910b6f00
GET /it/u=2694016541,475717950&fm=224&app=112&f=JPEG?w=356&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpeg
Content-Length: 39708
Connection: keep-alive
Expires: Wed, 18 Jan 2023 10:57:55 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: fe8f93ba0aff10661c3aecabef2cf7ff
Age: 8562
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 19 Dec 2022 10:57:55 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache57 [1], xaix105 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39708
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/81870.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/81870.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/81870.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=890136273,3122340080&fm=253&fmt=auto&app=138&f=PNG?w=500&h=279
12803.url.tudown.com/uploads/images/340093.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/340093.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/340093.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2067035217,501997824&fm=253&fmt=auto?w=800&h=500
12803.url.tudown.com/uploads/images/65224.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/65224.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/65224.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1544429480,253948055&fm=253&fmt=auto?w=120&h=80
bdcode.2345.com/js/logo/css/logo-sm.css
42.81.8.130200 OK 783 B URL HTTP/2 bdcode.2345.com/js/logo/css/logo-sm.css
IP 42.81.8.130:0
File type ASCII text, with very long lines (2128), with no line terminators
Hash 621b3563f1231de3a058fa25980064be
c2575c8110cbaba0c87c543fabf7c592789ad67f
37944a5c3981b16d6a498a7dc9427edcd64c1752e6728c5323525bc400efc8d6
GET /js/logo/css/logo-sm.css HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: text/css
date: Wed, 11 Jan 2023 22:15:48 GMT
etag: W/"63803a7c-850"
expires: Wed, 11 Jan 2023 23:15:48 GMT
last-modified: Fri, 25 Nov 2022 03:46:04 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c0ce6bca2d1737dd-143
content-length: 783
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/449866.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/449866.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/449866.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2415912351,2158051787&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
img2.baidu.com/it/u=2576441412,3415456545&fm=253&fmt=auto&app=138&f=JPEG?w=693&h=500
36.99.3.35200 OK 25 kB URL HTTP/2 img2.baidu.com/it/u=2576441412,3415456545&fm=253&fmt=auto&app=138&f=JPEG?w=693&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 693x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 553010d3f2bf44fa8ef52c9ba189d5bd
29641d4a3e262f9a0c4eb62a7f465acad81d2b6a
a1b86f22a8cd35c94f9f553b316d2e7b0fc15d4e55c99bcc374a4a61bd11bf67
GET /it/u=2576441412,3415456545&fm=253&fmt=auto&app=138&f=JPEG?w=693&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:48 GMT
content-type: image/webp
content-length: 24606
expires: Sat, 21 Jan 2023 10:48:27 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 553010d3f2bf44fa8ef52c9ba189d5bd
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 10:48:27 GMT
ohc-cache-hit: ly4ct54 [1], bdix141 [2]
ohc-file-size: 24606
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/846260.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/846260.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/846260.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3607864652,1106795385&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=780
12803.url.tudown.com/uploads/images/168547.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/168547.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/168547.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=313397235,2373429766&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=538
12803.url.tudown.com/uploads/images/607096.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/607096.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/607096.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3675498785,2233804734&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/862975.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/862975.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/862975.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1618635932,3789249712&fm=253&fmt=auto?w=200&h=200
12803.url.tudown.com/uploads/images/19890.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/19890.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/19890.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=4036772243,1120193904&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=890136273,3122340080&fm=253&fmt=auto&app=138&f=PNG?w=500&h=279
36.99.3.35200 OK 31 kB URL HTTP/2 img2.baidu.com/it/u=890136273,3122340080&fm=253&fmt=auto&app=138&f=PNG?w=500&h=279
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x279, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 25150d0623e6f4d068d369a9ffcd1664
1f456a2810ee568eafb2545aeea8af20ac79590d
885faa73f8438e7ead0b061f50e3445d9be1d6cf3fce228d0801c65b8a7055fb
GET /it/u=890136273,3122340080&fm=253&fmt=auto&app=138&f=PNG?w=500&h=279 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:48 GMT
content-type: image/webp
content-length: 30826
expires: Thu, 26 Jan 2023 19:32:07 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 25150d0623e6f4d068d369a9ffcd1664
age: 114514
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 19:32:07 GMT
ohc-cache-hit: ly4ct72 [4], csix72 [4]
ohc-file-size: 30826
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2067035217,501997824&fm=253&fmt=auto?w=800&h=500
36.99.3.35200 OK 31 kB URL HTTP/2 img0.baidu.com/it/u=2067035217,501997824&fm=253&fmt=auto?w=800&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f091870a64d96dad8085a70cf1cde506
09d7d8921a0a7b502971fbab03d6effcd0454872
0dda3562ac0a19086956dbcec1176117e1b62df6780c2c2e83f45e3e60a62e78
GET /it/u=2067035217,501997824&fm=253&fmt=auto?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:48 GMT
content-type: image/webp
content-length: 31360
expires: Sat, 21 Jan 2023 08:25:15 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: f091870a64d96dad8085a70cf1cde506
age: 1251
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 08:25:15 GMT
ohc-cache-hit: ly4ct74 [4], czix169 [2]
ohc-file-size: 31360
x-cache-status: HIT
X-Firefox-Spdy: h2
t14.baidu.com/it/u=4036772243,1120193904&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 14 kB URL HTTP/1.1 t14.baidu.com/it/u=4036772243,1120193904&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 2458553076dab3c6a4fac087db71d075
b7f6ea841e5512e0f71ed952f6814df5023aa80e
b6d21d6fd8a30293fce139f19db559caba68dfb225c422c183cb36c6b5819f5c
GET /it/u=4036772243,1120193904&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpeg
Content-Length: 14487
Connection: keep-alive
Expires: Thu, 02 Feb 2023 05:24:33 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 2458553076dab3c6a4fac087db71d075
Age: 731487
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 05:24:33 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache51 [4], qdix51 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 14487
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=1544429480,253948055&fm=253&fmt=auto?w=120&h=80
36.99.3.35200 OK 3.0 kB URL HTTP/2 img2.baidu.com/it/u=1544429480,253948055&fm=253&fmt=auto?w=120&h=80
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8f7cc5843efd429fb12acc8112d650b3
91e2b561a93d9c597a5b15abd345155658eccb96
526fc15c2df5443dd7085fa8bafbe684dc56bda46cdfc779ba9b6593909f241b
GET /it/u=1544429480,253948055&fm=253&fmt=auto?w=120&h=80 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:48 GMT
content-type: image/webp
content-length: 2974
expires: Mon, 23 Jan 2023 07:20:31 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 8f7cc5843efd429fb12acc8112d650b3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 07:20:31 GMT
ohc-cache-hit: ly4ct60 [1], qdix60 [2]
ohc-file-size: 2974
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/467139.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/467139.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/467139.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1076124526,838903652&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=696
img2.baidu.com/it/u=2415912351,2158051787&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
36.99.3.35200 OK 12 kB URL HTTP/2 img2.baidu.com/it/u=2415912351,2158051787&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x185, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 317b84b87d6007a4be98dd37b4bd756c
45031e9560e38df0099c4b3a50661781ec57c578
0b7678b1873b71cebe7bbbe1331ae6201854213f38b9ac64b9670d1a8354aa72
GET /it/u=2415912351,2158051787&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:48 GMT
content-type: image/webp
content-length: 12534
expires: Tue, 24 Jan 2023 11:50:42 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 317b84b87d6007a4be98dd37b4bd756c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 11:50:42 GMT
ohc-cache-hit: ly4ct54 [1], xiangyix231 [2]
ohc-file-size: 12534
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/244467.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/244467.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/244467.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1509955901,1996398254&fm=253&app=120&f=JPEG?w=1280&h=800
wn.pos.baidu.com/adx.php?c=d25pZD04N2I5ZWM0ZWJkNGY0MmI4AHM9ODdiOWVjNGViZDRmNDJiOAB0PTE2NzM0NzUzNDcAc2U9MQBidT00AHByaWNlPVk3ODFFd0FBeVpCN2pFcGdXNUlBOHYydFJfbnpQazFfeEFXMGNBAGNoYXJnZV9wcmljZT0yAHNoYXJpbmdfcHJpY2U9MjAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MjY2NDk3MzYyAHR1PXU1MDM5NTI0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZNzgxRXdBQXlaQjdqRXBnVzVJQTh2MnRSX256UGsxX3hBVzBjQQBiY2htZD0wAHRtPTAAdj0xAGk9OTk4NDc5MDc
182.61.200.11200 OK 49 B URL HTTP/1.1 wn.pos.baidu.com/adx.php?c=d25pZD04N2I5ZWM0ZWJkNGY0MmI4AHM9ODdiOWVjNGViZDRmNDJiOAB0PTE2NzM0NzUzNDcAc2U9MQBidT00AHByaWNlPVk3ODFFd0FBeVpCN2pFcGdXNUlBOHYydFJfbnpQazFfeEFXMGNBAGNoYXJnZV9wcmljZT0yAHNoYXJpbmdfcHJpY2U9MjAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MjY2NDk3MzYyAHR1PXU1MDM5NTI0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZNzgxRXdBQXlaQjdqRXBnVzVJQTh2MnRSX256UGsxX3hBVzBjQQBiY2htZD0wAHRtPTAAdj0xAGk9OTk4NDc5MDc
IP 182.61.200.11:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /adx.php?c=d25pZD04N2I5ZWM0ZWJkNGY0MmI4AHM9ODdiOWVjNGViZDRmNDJiOAB0PTE2NzM0NzUzNDcAc2U9MQBidT00AHByaWNlPVk3ODFFd0FBeVpCN2pFcGdXNUlBOHYydFJfbnpQazFfeEFXMGNBAGNoYXJnZV9wcmljZT0yAHNoYXJpbmdfcHJpY2U9MjAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MjY2NDk3MzYyAHR1PXU1MDM5NTI0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZNzgxRXdBQXlaQjdqRXBnVzVJQTh2MnRSX256UGsxX3hBVzBjQQBiY2htZD0wAHRtPTAAdj0xAGk9OTk4NDc5MDc HTTP/1.1
Host: wn.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Wed, 11 Jan 2023 22:15:48 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: nginx
Set-Cookie: BAIDUID=F47259166759572C5DCD369CEA1E3DD9:FG=1; expires=Thu, 11-Jan-24 22:15:48 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
wn.pos.baidu.com/adx.php?c=d25pZD1jNzMzYTYzMTBmOTBkYTM5AHM9YzczM2E2MzEwZjkwZGEzOQB0PTE2NzM0NzUzNDcAc2U9MQBidT00AHByaWNlPVk3ODFFd0FBRE9wN2pFcGdXNUlBOHRvSFB0Uy1ZUm1aZC1GcUd3AGNoYXJnZV9wcmljZT0zMwBzaGFyaW5nX3ByaWNlPTMzMDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0yNTgzNjEzNzMzAHR1PXU0OTY1ODk0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZNzgxRXdBQURPcDdqRXBnVzVJQTh0b0hQdFMtWVJtWmQtRnFHdwBiY2htZD0wAHRtPTAAdj0xAGk9MjY4MTc4ZDk
182.61.200.11200 OK 49 B URL HTTP/1.1 wn.pos.baidu.com/adx.php?c=d25pZD1jNzMzYTYzMTBmOTBkYTM5AHM9YzczM2E2MzEwZjkwZGEzOQB0PTE2NzM0NzUzNDcAc2U9MQBidT00AHByaWNlPVk3ODFFd0FBRE9wN2pFcGdXNUlBOHRvSFB0Uy1ZUm1aZC1GcUd3AGNoYXJnZV9wcmljZT0zMwBzaGFyaW5nX3ByaWNlPTMzMDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0yNTgzNjEzNzMzAHR1PXU0OTY1ODk0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZNzgxRXdBQURPcDdqRXBnVzVJQTh0b0hQdFMtWVJtWmQtRnFHdwBiY2htZD0wAHRtPTAAdj0xAGk9MjY4MTc4ZDk
IP 182.61.200.11:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /adx.php?c=d25pZD1jNzMzYTYzMTBmOTBkYTM5AHM9YzczM2E2MzEwZjkwZGEzOQB0PTE2NzM0NzUzNDcAc2U9MQBidT00AHByaWNlPVk3ODFFd0FBRE9wN2pFcGdXNUlBOHRvSFB0Uy1ZUm1aZC1GcUd3AGNoYXJnZV9wcmljZT0zMwBzaGFyaW5nX3ByaWNlPTMzMDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0yNTgzNjEzNzMzAHR1PXU0OTY1ODk0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZNzgxRXdBQURPcDdqRXBnVzVJQTh0b0hQdFMtWVJtWmQtRnFHdwBiY2htZD0wAHRtPTAAdj0xAGk9MjY4MTc4ZDk HTTP/1.1
Host: wn.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Wed, 11 Jan 2023 22:15:48 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: nginx
Set-Cookie: BAIDUID=10ADA0DFA8DEE795510954B2B7DB10F0:FG=1; expires=Thu, 11-Jan-24 22:15:48 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
img1.baidu.com/it/u=3675498785,2233804734&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
14.29.98.35200 OK 116 kB URL HTTP/2 img1.baidu.com/it/u=3675498785,2233804734&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 116 kB (115780 bytes)
Hash 0a3e9485f5c55fc8e1e5e7fa29e68c48
a7008de24039a5efd6e4b4e3078d4875bb591301
bb87adfa15c8e2cb488dcc53fdf59c756f22c8b7f70fcb99b42976262f03d76b
GET /it/u=3675498785,2233804734&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:48 GMT
content-type: image/webp
content-length: 115780
expires: Sat, 21 Jan 2023 05:48:42 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0a3e9485f5c55fc8e1e5e7fa29e68c48
age: 1267668
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 05:48:42 GMT
ohc-cache-hit: gz3ct54 [4], xaix71 [2]
ohc-file-size: 115780
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/538396.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/538396.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/538396.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3350435703,264351242&fm=253&fmt=auto&app=138&f=JPEG?w=1094&h=500
12803.url.tudown.com/uploads/images/854769.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/854769.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/854769.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1714884640,1137846280&fm=253&fmt=auto?w=640&h=960
12803.url.tudown.com/uploads/images/413240.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/413240.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/413240.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2721136596,3694006209&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=313397235,2373429766&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=538
36.99.3.35200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=313397235,2373429766&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=538
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x538, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 840f00ba5a45c530606b977aefde1605
2de78bdfc2dd54139c65226160f6511388ae1bf3
1a3aa1732fdb32ea7f91a0c38217c9b033d04ccebd9626be5411d013cce24264
GET /it/u=313397235,2373429766&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=538 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:48 GMT
content-type: image/webp
content-length: 16002
expires: Thu, 19 Jan 2023 10:30:55 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 840f00ba5a45c530606b977aefde1605
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 20 Dec 2022 10:30:55 GMT
ohc-cache-hit: ly4ct106 [1], czix109 [2]
ohc-file-size: 16002
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/846796.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/846796.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/846796.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=829719919,3588146038&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
img1.baidu.com/it/u=1618635932,3789249712&fm=253&fmt=auto?w=200&h=200
14.29.98.35200 OK 4.9 kB URL HTTP/2 img1.baidu.com/it/u=1618635932,3789249712&fm=253&fmt=auto?w=200&h=200
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b48caf6eb2d56562133a6a70d8f1c91
5fed66abdb48f24fd3475905c334e8a200a1e286
7b1e156ec616de69786788f83d4d63397928fbe26d32e7fcba7226d26283b597
GET /it/u=1618635932,3789249712&fm=253&fmt=auto?w=200&h=200 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:48 GMT
content-type: image/webp
content-length: 4872
expires: Sun, 22 Jan 2023 21:06:41 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 2b48caf6eb2d56562133a6a70d8f1c91
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 21:06:41 GMT
ohc-cache-hit: gz3ct59 [1], qdix200 [2]
ohc-file-size: 4872
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=2721136596,3694006209&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 63 kB URL HTTP/1.1 t15.baidu.com/it/u=2721136596,3694006209&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f9593827fbad08c184b76a6b8eb62653
fa4af87c079b4aef8a8573313fc44198ee67afef
236656e9275cd07424d9d02af5b5ffa5ef0d5438af117f64908bd3ac9e982724
GET /it/u=2721136596,3694006209&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpeg
Content-Length: 62765
Connection: keep-alive
Expires: Mon, 23 Jan 2023 14:58:10 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: f9593827fbad08c184b76a6b8eb62653
Age: 931212
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 24 Dec 2022 14:58:10 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache51 [1], xaix110 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 62765
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/524385.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/524385.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/524385.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3139752063,1355483858&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
img0.baidu.com/it/u=3607864652,1106795385&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=780
36.99.3.35200 OK 21 kB URL HTTP/2 img0.baidu.com/it/u=3607864652,1106795385&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=780
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x780, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fcb42f0e0e8978b9a685bec32a61ba71
49056f3bde6257ecb5955bec0ad9e5b1b7dde9f8
cd39a42029117a035738a39c0a6e0f9c1b89e9606b1375d76a317dfffd86ebdd
GET /it/u=3607864652,1106795385&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=780 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:48 GMT
content-type: image/webp
content-length: 21394
expires: Sat, 04 Feb 2023 07:54:36 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: fcb42f0e0e8978b9a685bec32a61ba71
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 07:54:36 GMT
ohc-cache-hit: ly4ct81 [1], wzix81 [2]
ohc-file-size: 21394
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1076124526,838903652&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=696
36.99.3.35200 OK 41 kB URL HTTP/2 img2.baidu.com/it/u=1076124526,838903652&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=696
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x696, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63e44cf406761e4e279d1e1b4f114641
bb3ac12650bf8bc827350301dd77e70707eb1bee
db0557859e2cde94200154996d47788c5937dd8f47eb61b7704657b642dfac28
GET /it/u=1076124526,838903652&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=696 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:48 GMT
content-type: image/webp
content-length: 40868
expires: Thu, 19 Jan 2023 04:18:54 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 63e44cf406761e4e279d1e1b4f114641
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 20 Dec 2022 04:18:54 GMT
ohc-cache-hit: ly4ct90 [1], xiangyix164 [2]
ohc-file-size: 40868
x-cache-status: MISS
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6c8df2b2f03ce0a62a507c57f993fc99
1e83bc54e5bfccd10dce91a54bf99198980785ec
00ea36d1c519840c4247857be7cd397866ec3f93fb9b7a6bbcdf87a03ee0c6aa
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 11 Jan 2023 22:15:49 GMT
Ali-Swift-Global-Savetime: 1673475349
Via: cache14.l2de2[182,181,200-0,M], cache14.l2de2[182,0], cache2.se1[205,204,200-0,M], cache2.se1[207,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 11 Jan 2023 22:15:49 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616734753489414458e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6c8df2b2f03ce0a62a507c57f993fc99
1e83bc54e5bfccd10dce91a54bf99198980785ec
00ea36d1c519840c4247857be7cd397866ec3f93fb9b7a6bbcdf87a03ee0c6aa
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 11 Jan 2023 22:15:49 GMT
Last-Modified: Wed, 11 Jan 2023 15:48:37 GMT
ETag: "63beda55-1d7"
Expires: Fri, 13 Jan 2023 15:48:37 GMT
Cache-Control: max-age=149568
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673475349
Via: cache3.l2de2[187,186,200-0,M], cache3.l2de2[187,0], cache1.se1[210,210,200-0,M], cache1.se1[211,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 11 Jan 2023 22:15:49 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516734753489718149e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6c8df2b2f03ce0a62a507c57f993fc99
1e83bc54e5bfccd10dce91a54bf99198980785ec
00ea36d1c519840c4247857be7cd397866ec3f93fb9b7a6bbcdf87a03ee0c6aa
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 11 Jan 2023 22:15:49 GMT
Ali-Swift-Global-Savetime: 1673475349
Via: cache3.l2de2[192,192,200-0,M], cache3.l2de2[193,0], cache2.se1[215,215,200-0,M], cache2.se1[216,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 11 Jan 2023 22:15:49 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616734753489654470e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6c8df2b2f03ce0a62a507c57f993fc99
1e83bc54e5bfccd10dce91a54bf99198980785ec
00ea36d1c519840c4247857be7cd397866ec3f93fb9b7a6bbcdf87a03ee0c6aa
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 11 Jan 2023 22:15:49 GMT
Ali-Swift-Global-Savetime: 1673475349
Via: cache14.l2de2[187,186,200-0,M], cache14.l2de2[188,0], cache2.se1[211,210,200-0,M], cache2.se1[212,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 11 Jan 2023 22:15:49 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616734753489834479e
12803.url.tudown.com/uploads/images/377134.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/377134.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/377134.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=650612019,2269998946&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
img1.baidu.com/it/u=829719919,3588146038&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
14.29.98.35200 OK 46 kB URL HTTP/2 img1.baidu.com/it/u=829719919,3588146038&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash faf39e1f4bb112def3e8161f8bd8acaa
2f9343c04bf0738b1eb89ff1fc50ce7eefcaa9f5
c4ddd7c81b9f7221ac54cbcdd317f13533ef15d93221e52e7f9c3cf67744835f
GET /it/u=829719919,3588146038&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/webp
content-length: 45986
expires: Mon, 16 Jan 2023 06:05:45 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: faf39e1f4bb112def3e8161f8bd8acaa
age: 309690
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 17 Dec 2022 06:05:45 GMT
ohc-cache-hit: gz3ct56 [4], xaix188 [2]
ohc-file-size: 45986
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/950456.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/950456.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/950456.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2749632013,268866991&fm=253&fmt=auto?w=889&h=500
12803.url.tudown.com/uploads/images/549445.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/549445.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/549445.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4216717231,2729400725&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/581375.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/581375.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/581375.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3303987045,2835520821&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=1714884640,1137846280&fm=253&fmt=auto?w=640&h=960
14.29.98.35200 OK 23 kB URL HTTP/2 img1.baidu.com/it/u=1714884640,1137846280&fm=253&fmt=auto?w=640&h=960
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x960, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ba57ba38e43ee221765b1f1b7e064a2b
f3d9ad7e969153e6774c4f444b8475f15cee3caf
ff4eafb78398fc3fcd3795e9cd84d959b40a13a90fd4f14c3fc4082a8333bbd0
GET /it/u=1714884640,1137846280&fm=253&fmt=auto?w=640&h=960 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/webp
content-length: 23124
expires: Sun, 22 Jan 2023 02:54:12 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: ba57ba38e43ee221765b1f1b7e064a2b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 02:54:12 GMT
ohc-cache-hit: gz3ct59 [1], qdix201 [2]
ohc-file-size: 23124
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3139752063,1355483858&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
14.29.98.35200 OK 2.8 kB URL HTTP/2 img1.baidu.com/it/u=3139752063,1355483858&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bb35518f614acc4607030433963b220b
850b72cec0c00a1b1696675f9e0e5a6650ccb8c0
1bdda3316ba11f0fb0172b0694baefc2fc4e00d87d1dd93468d76378c9e3c392
GET /it/u=3139752063,1355483858&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/webp
content-length: 2758
expires: Sat, 21 Jan 2023 08:51:14 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: bb35518f614acc4607030433963b220b
age: 3774
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 08:51:14 GMT
ohc-cache-hit: gz3ct56 [4], bdix166 [4]
ohc-file-size: 2758
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1509955901,1996398254&fm=253&app=120&f=JPEG?w=1280&h=800
36.99.3.35200 OK 107 kB URL HTTP/1.1 img0.baidu.com/it/u=1509955901,1996398254&fm=253&app=120&f=JPEG?w=1280&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2019:04:01 17:23:12], baseline, precision 8, 1280x800, components 3\012- data
Size 107 kB (106774 bytes)
Hash 4ea61bfb320e9f250591dc30d955f30e
e6bdcf37df2b2655de418af2ecffee266a3efb6e
2472d1de6b554ce3ac4f66707994b36057f49a1e2c2effaa8ee10c3be9c2c4b0
GET /it/u=1509955901,1996398254&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpeg
Content-Length: 106774
Connection: keep-alive
Expires: Fri, 03 Feb 2023 05:43:15 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: 4ea61bfb320e9f250591dc30d955f30e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 05:43:15 GMT
Ohc-Cache-HIT: ly4ct106 [1], qdix229 [2]
Ohc-File-Size: 106774
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/162181.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/162181.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/162181.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1677941003,1839677777&fm=253&app=120&f=JPEG?w=1280&h=800
t14.baidu.com/it/u=3303987045,2835520821&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 34 kB URL HTTP/1.1 t14.baidu.com/it/u=3303987045,2835520821&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9461fe60970c0eb9d6f4fdc98c3a787a
6ecac57f88b53706c539ba94e8e644926f9db5e9
8508d17e2e348791a43a21fdadb3a1b041220ee4526b82d6f02a83b66a0af08e
GET /it/u=3303987045,2835520821&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpeg
Content-Length: 33838
Connection: keep-alive
Expires: Fri, 10 Feb 2023 19:30:56 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 9461fe60970c0eb9d6f4fdc98c3a787a
Age: 8531
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 19:30:56 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache51 [1], wzix112 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 33838
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=3350435703,264351242&fm=253&fmt=auto&app=138&f=JPEG?w=1094&h=500
36.99.3.35200 OK 57 kB URL HTTP/2 img2.baidu.com/it/u=3350435703,264351242&fm=253&fmt=auto&app=138&f=JPEG?w=1094&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1094x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63a23b868fb03250638a7e0ed1ecd5f2
9c573450417a92bf1739de2735e88c2c8c06ab2b
e652c084f6dfac3612c849639105dff0d68f0b93ead9a0cd829198d1d5d0eeac
GET /it/u=3350435703,264351242&fm=253&fmt=auto&app=138&f=JPEG?w=1094&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/webp
content-length: 56682
expires: Fri, 27 Jan 2023 16:19:33 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 63a23b868fb03250638a7e0ed1ecd5f2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 16:19:33 GMT
ohc-cache-hit: ly4ct81 [1], xiangyix81 [2]
ohc-file-size: 56682
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/469533.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/469533.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/469533.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=933091455,3548508773&fm=253&fmt=auto&app=138&f=JPEG?w=320&h=480
lupic.cdn.bcebos.com/20210629/17697879_14.jpg
119.96.52.35200 OK 4.2 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/17697879_14.jpg
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x199, components 3\012- data
Hash 0eda5de596f06db7ef40b42a87ee6541
65ed2745a4acd30d532d68710641156cb914a049
b601b2fda330f907885837d78e6aa43b49347966d56d36d4cda45bb50b37ec40
GET /20210629/17697879_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/jpeg
content-length: 4227
expires: Sat, 14 Jan 2023 03:20:38 GMT
last-modified: Thu, 01 Jul 2021 16:36:32 GMT
etag: "0eda5de596f06db7ef40b42a87ee6541"
age: 68069
accept-ranges: bytes
content-md5: Dtpd5ZbwbbfvQLQqh+5lQQ==
x-bce-content-crc32: 0
x-bce-debug-id: WC/wPyBi9otgKfuAfsyrGMeJaYTmqvhmflTpWCuJPQeW9bjYqS0/QnC5abxO87Mk51kIqnP9sG/jZjTzuNqpTA==
x-bce-request-id: e0876734-c30e-4d50-bdfa-62cf2fa908bb
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 03:20:38 GMT
ohc-cache-hit: wh4ct64 [2], xiangyix112 [1]
ohc-file-size: 4227
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20210629/2001250994_14.jpg
119.96.52.35200 OK 8.5 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/2001250994_14.jpg
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash ed1df6843e51f19fd75f71be9b5ebf76
16387cff3f09e366c1ff6f9a66e9b6ac8b0738f7
310df026d1fa2acce77f6435b8e9f2123963435d0d0b3d44d2955b9172a99e57
GET /20210629/2001250994_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/jpeg
content-length: 8519
expires: Fri, 13 Jan 2023 05:42:44 GMT
last-modified: Thu, 01 Jul 2021 18:34:43 GMT
etag: "ed1df6843e51f19fd75f71be9b5ebf76"
age: 140133
accept-ranges: bytes
content-md5: 7R32hD5R8Z/XX3G+m16/dg==
x-bce-content-crc32: 0
x-bce-debug-id: Pzg4d1IRhgedxPM7QdCChyMmlTvl8PqPlqT8g9/9o9eljVtyf7pcwWuaD0aSOkXxiK5Aho1zgducUOisgKTxZg==
x-bce-request-id: 27e7dd3f-c0bb-47e3-a1c5-254690368862
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 05:42:44 GMT
ohc-cache-hit: wh4ct50 [2], czix96 [2]
ohc-file-size: 8519
x-cache-status: HIT
X-Firefox-Spdy: h2
eclick.baidu.com/rs.jpg?pageSearchId=16734753317095e1bfo4mcok&content=%7BpgSacI%22%2263731051f4ck%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F183ultdw.o%2Foncta2vr4E%250B%258A%253E%2598%250E%258A%2569%257E%2598%406_52.x%22%22aeerhd%3A1745379ebomo%22%5D%22aeerhd%3A1745379ebomo%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F20.r.uoncmdw%2Fai%25052%257A%254E%257A%2578%2582%254B%25DE%2568%2578%25819584ee%2CpgSacI%22%2263731051f4ck%7D%7D
110.242.68.137200 OK 0 B URL HTTP/1.1 eclick.baidu.com/rs.jpg?pageSearchId=16734753317095e1bfo4mcok&content=%7BpgSacI%22%2263731051f4ck%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F183ultdw.o%2Foncta2vr4E%250B%258A%253E%2598%250E%258A%2569%257E%2598%406_52.x%22%22aeerhd%3A1745379ebomo%22%5D%22aeerhd%3A1745379ebomo%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F20.r.uoncmdw%2Fai%25052%257A%254E%257A%2578%2582%254B%25DE%2568%2578%25819584ee%2CpgSacI%22%2263731051f4ck%7D%7D
IP 110.242.68.137:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rs.jpg?pageSearchId=16734753317095e1bfo4mcok&content=%7BpgSacI%22%2263731051f4ck%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F183ultdw.o%2Foncta2vr4E%250B%258A%253E%2598%250E%258A%2569%257E%2598%406_52.x%22%22aeerhd%3A1745379ebomo%22%5D%22aeerhd%3A1745379ebomo%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F20.r.uoncmdw%2Fai%25052%257A%254E%257A%2578%2582%254B%25DE%2568%2578%25819584ee%2CpgSacI%22%2263731051f4ck%7D%7D HTTP/1.1
Host: eclick.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: image/jpeg
Date: Wed, 11 Jan 2023 22:15:49 GMT
Etag: "6295ed49-0"
Expires: Wed, 11 Jan 2023 22:15:49 GMT
Last-Modified: Tue, 31 May 2022 10:26:17 GMT
Server: nginx
cpro.baidustatic.com/cpro/ui/noexpire/img/2.0.0/native_ad.png
220.169.152.35200 OK 4.5 kB URL HTTP/2 cpro.baidustatic.com/cpro/ui/noexpire/img/2.0.0/native_ad.png
IP 220.169.152.35:0
File type PNG image data, 44 x 984, 8-bit colormap, non-interlaced\012- data
Hash 3e2d110dd13ae372eac3c04347687487
666c77091671206a1ee7202bfa821afa63dfed94
4b86aeb9d139835e6517cef965d3442d8efca774abc2d6befc580ec63aace62e
GET /cpro/ui/noexpire/img/2.0.0/native_ad.png HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/png
content-length: 4514
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 01 Apr 2022 07:05:03 GMT
etag: "6246a41f-11a2"
cache-control: max-age=315360000
age: 495441
accept-ranges: bytes
timing-allow-origin: *
ohc-global-saved-time: Tue, 21 Jun 2022 04:49:12 GMT
ohc-cache-hit: yy2ct60 [2], wzix60 [4]
ohc-file-size: 4514
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6c8df2b2f03ce0a62a507c57f993fc99
1e83bc54e5bfccd10dce91a54bf99198980785ec
00ea36d1c519840c4247857be7cd397866ec3f93fb9b7a6bbcdf87a03ee0c6aa
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 11 Jan 2023 22:15:49 GMT
Last-Modified: Wed, 11 Jan 2023 15:48:37 GMT
ETag: "63beda55-1d7"
Expires: Fri, 13 Jan 2023 15:48:37 GMT
Cache-Control: max-age=149568
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673475349
Via: cache21.l2de2[516,517,200-0,M], cache21.l2de2[518,0], cache5.se1[538,538,200-0,M], cache5.se1[540,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 11 Jan 2023 22:15:49 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916734753489546641e
img2.baidu.com/it/u=650612019,2269998946&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
36.99.3.35200 OK 16 kB URL HTTP/2 img2.baidu.com/it/u=650612019,2269998946&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 57375621b9f5d89784d82331c68f976c
7e5f015d360cc1462bdc67dd3c374b22c8009a6a
0c05b19ab2f67f806df4f10c0a185218c141281b385b3c0906957784d8e32ddd
GET /it/u=650612019,2269998946&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/webp
content-length: 16476
expires: Thu, 19 Jan 2023 15:01:14 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 57375621b9f5d89784d82331c68f976c
age: 78002
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 20 Dec 2022 15:01:14 GMT
ohc-cache-hit: ly4ct105 [4], czix141 [4]
ohc-file-size: 16476
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/283752.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/283752.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/283752.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2205886886,575532321&fm=253&fmt=auto&app=138&f=JPEG?w=750&h=500
img1.baidu.com/it/u=2749632013,268866991&fm=253&fmt=auto?w=889&h=500
14.29.98.35200 OK 24 kB URL HTTP/2 img1.baidu.com/it/u=2749632013,268866991&fm=253&fmt=auto?w=889&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1718e723a5757fecc99b927a3ca5c99e
44a626156a545a467ddc57c392a264f9d5103bd8
d8d884ce976262d4be96b8c8003e575965108a21023d2c4649d644ba3df6e92b
GET /it/u=2749632013,268866991&fm=253&fmt=auto?w=889&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/webp
content-length: 23550
expires: Tue, 31 Jan 2023 10:02:41 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 1718e723a5757fecc99b927a3ca5c99e
age: 303490
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 10:02:41 GMT
ohc-cache-hit: gz3ct53 [4], qdix240 [4]
ohc-file-size: 23550
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/496363.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/496363.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/496363.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=4133542432,3342417285&fm=224&app=112&f=JPEG?w=500&h=500&s=929450854C77DADE44904BBB03007016
12803.url.tudown.com/uploads/images/643284.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/643284.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/643284.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2414747560,2836433434&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/537546.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/537546.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/537546.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1929528641,2097156119&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
t15.baidu.com/it/u=4133542432,3342417285&fm=224&app=112&f=JPEG?w=500&h=500&s=929450854C77DADE44904BBB03007016
185.10.104.124200 OK 56 kB URL HTTP/1.1 t15.baidu.com/it/u=4133542432,3342417285&fm=224&app=112&f=JPEG?w=500&h=500&s=929450854C77DADE44904BBB03007016
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f3b3cb95fcc93470c150c5b6492ab9ee
8266b3308d5cee10e0ea83df50b05aec8e88679e
0b626d1100c5d987d14678f4f32218689d89c1dcf654694f5c5c06e59d5387ea
GET /it/u=4133542432,3342417285&fm=224&app=112&f=JPEG?w=500&h=500&s=929450854C77DADE44904BBB03007016 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpeg
Content-Length: 56448
Connection: keep-alive
Expires: Wed, 25 Jan 2023 09:07:57 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: f3b3cb95fcc93470c150c5b6492ab9ee
Age: 36546
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 26 Dec 2022 09:07:57 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache55 [1], xiangyix214 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 56448
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=4216717231,2729400725&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
36.99.3.35200 OK 33 kB URL HTTP/2 img2.baidu.com/it/u=4216717231,2729400725&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cd1c748b2b9df83a61e722ba34f0012d
6661aeee02d371424d7df827faae70788373a6c6
dd42683fb1838ccf1b82f703b5ce255a0e317c9c44c31eba6b7afcc6963658c4
GET /it/u=4216717231,2729400725&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/webp
content-length: 33326
expires: Mon, 06 Feb 2023 09:10:25 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: cd1c748b2b9df83a61e722ba34f0012d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 09:10:25 GMT
ohc-cache-hit: ly4ct51 [1], xiangyix51 [4]
ohc-file-size: 33326
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/258436.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/258436.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/258436.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4288842202,2332283455&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
img2.baidu.com/it/u=933091455,3548508773&fm=253&fmt=auto&app=138&f=JPEG?w=320&h=480
36.99.3.35200 OK 15 kB URL HTTP/2 img2.baidu.com/it/u=933091455,3548508773&fm=253&fmt=auto&app=138&f=JPEG?w=320&h=480
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fcb2f1bce0bb6dc5fc9db13b68599d0c
d6c817bacdf19ec0c26e91708508e368184618a3
cc56eb0741171fab50b6ae5b2bb48c0978cb8a573da372293bf16c5d38ff6269
GET /it/u=933091455,3548508773&fm=253&fmt=auto&app=138&f=JPEG?w=320&h=480 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/webp
content-length: 14802
expires: Wed, 18 Jan 2023 08:32:13 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: fcb2f1bce0bb6dc5fc9db13b68599d0c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 19 Dec 2022 08:32:13 GMT
ohc-cache-hit: ly4ct51 [1], suzix51 [4]
ohc-file-size: 14802
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/842520.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/842520.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/842520.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=4105755212,132343308&fm=253&app=120&f=JPEG?w=1280&h=800
lupic.cdn.bcebos.com/20210629/2002099916_14.jpg
119.96.52.35200 OK 20 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/2002099916_14.jpg
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash 3c6f58776c021072e82c5f27b43d5fa5
4447a3b7fe4f89e24a7b1e36ea05193cfaed16fd
8e4a3f6eb980c4c6921664393f94349c9fdacfebc6f6c8064ac1b214c729ab66
GET /20210629/2002099916_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/jpeg
content-length: 19814
expires: Sat, 14 Jan 2023 02:17:24 GMT
last-modified: Wed, 30 Jun 2021 21:18:43 GMT
etag: "3c6f58776c021072e82c5f27b43d5fa5"
age: 23739
accept-ranges: bytes
content-md5: PG9Yd2wCEHLoLF8ntD1fpQ==
x-bce-content-crc32: 0
x-bce-debug-id: Rh7CK1XkLGXG9p6l5aGpBMNrLiOrNRJV1kJ7IwD/NxnuRNbzR+dx+btnLmTwuz847nspJ0U5mXKO81WINB8qlg==
x-bce-request-id: ca87a4b6-3e2b-46a4-8d38-3a1f78ee90f5
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 02:17:24 GMT
ohc-cache-hit: wh4ct51 [2], qdix192 [2]
ohc-file-size: 19814
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20191203/3017154272_14.jpg
119.96.52.35200 OK 32 kB URL HTTP/2 lupic.cdn.bcebos.com/20191203/3017154272_14.jpg
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x286, components 3\012- data
Hash bcc5b64c96a6e8f6458bc4ab5f693f9a
c6014adf636fa61ec1979cdc1e7f88f00957de26
bba7634817c698a5fcdda323c6c9b8aca75d22e0fb560f4aafae7231032ee129
GET /20191203/3017154272_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/jpeg
content-length: 31834
expires: Wed, 11 Jan 2023 23:33:07 GMT
last-modified: Tue, 03 Dec 2019 08:45:26 GMT
etag: "bcc5b64c96a6e8f6458bc4ab5f693f9a"
age: 254285
accept-ranges: bytes
content-md5: vMW2TJam6PZFi8SrX2k/mg==
x-bce-content-crc32: 609958593
x-bce-debug-id: kixkZUotojcfbZzARjX4zXSCytA5rg1weAw0RS01olCuHvKt33sp4jC/q94VsLjpFvQF3ckyc+iZtQ55rGH0Hg==
x-bce-request-id: 120e7a4f-615a-469f-9e65-30d87782e4bf
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 23:33:07 GMT
ohc-cache-hit: wh4ct54 [2], suzix220 [4]
ohc-file-size: 31834
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1677941003,1839677777&fm=253&app=120&f=JPEG?w=1280&h=800
36.99.3.35200 OK 136 kB URL HTTP/1.1 img0.baidu.com/it/u=1677941003,1839677777&fm=253&app=120&f=JPEG?w=1280&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 136 kB (136306 bytes)
Hash d8cc42d37bc71bdce92c6c258ad39a6f
4992e742ab5ddadb1440f785d0257c637e28f107
974ab59577ee901bc4a5de2d4e84693213458c973aa6546365cb630f89ce300d
GET /it/u=1677941003,1839677777&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpeg
Content-Length: 136306
Connection: keep-alive
Expires: Tue, 31 Jan 2023 03:03:40 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: d8cc42d37bc71bdce92c6c258ad39a6f
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 01 Jan 2023 03:03:40 GMT
Ohc-Cache-HIT: ly4ct100 [2], xiangyix245 [2]
Ohc-File-Size: 136306
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/79134.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/79134.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/79134.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1794163771,3715706199&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1083
12803.url.tudown.com/uploads/images/922391.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/922391.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/922391.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2462367059,1698195956&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
12803.url.tudown.com/uploads/images/212874.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/212874.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/212874.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3440715138,9148372&fm=253&fmt=auto&app=138&f=JPEG?w=563&h=500
12803.url.tudown.com/uploads/images/991474.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/991474.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/991474.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3162919453,102928450&fm=253&app=120&f=JPEG?w=1422&h=800
img0.baidu.com/it/u=2205886886,575532321&fm=253&fmt=auto&app=138&f=JPEG?w=750&h=500
36.99.3.35200 OK 52 kB URL HTTP/2 img0.baidu.com/it/u=2205886886,575532321&fm=253&fmt=auto&app=138&f=JPEG?w=750&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e342133f541c4500dc0c4d8a402f9098
2a2ef272e92e8c2d0bd9c965c50055a8ffff8a59
5388813eaa2093e989b5bb154df843dc99f35203585ec6fcc69691f6da7a2d90
GET /it/u=2205886886,575532321&fm=253&fmt=auto&app=138&f=JPEG?w=750&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/webp
content-length: 52490
expires: Tue, 24 Jan 2023 08:55:18 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: e342133f541c4500dc0c4d8a402f9098
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 08:55:18 GMT
ohc-cache-hit: ly4ct88 [1], xiangyix113 [2]
ohc-file-size: 52490
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4288842202,2332283455&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
14.29.98.35200 OK 53 kB URL HTTP/2 img1.baidu.com/it/u=4288842202,2332283455&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fc62b3c3f09b93f32b56f6196bd737bd
0914ec76aa01978d6ea5f57f4cc5b4d3c53dd0ca
4a87452bb545454b90cc090925ed438b63f7b27b0b2c5dc588e7ae4827099d6c
GET /it/u=4288842202,2332283455&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/webp
content-length: 52952
expires: Sun, 22 Jan 2023 06:55:15 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: fc62b3c3f09b93f32b56f6196bd737bd
age: 424315
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 06:55:15 GMT
ohc-cache-hit: gz3ct59 [4], bdix152 [2]
ohc-file-size: 52952
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1929528641,2097156119&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
14.29.98.35200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=1929528641,2097156119&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b317c6a479a60ca9190e373f835bc0fc
7bb08821128531086bc256c3cf49dffb44c5da3d
b619b4576f7cde7b5d5d9c16b4b3a59d3ba776979fcb25bc44ee307fdf2e8feb
GET /it/u=1929528641,2097156119&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/webp
content-length: 14682
expires: Fri, 03 Feb 2023 00:04:11 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: b317c6a479a60ca9190e373f835bc0fc
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 04 Jan 2023 00:04:11 GMT
ohc-cache-hit: gz3ct59 [1], xaix100 [2]
ohc-file-size: 14682
x-cache-status: MISS
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20210629/2000015796_14.jpg
119.96.52.35200 OK 30 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/2000015796_14.jpg
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash 52f00453972e2437f8aa07af07439a57
8bac2ce91bc0570b0636fa712a5951edcd2c108c
652c940e0a8e7f66008e29561d4c130750703ec9a10d2bdc53143184fb498a93
GET /20210629/2000015796_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/jpeg
content-length: 29737
expires: Thu, 12 Jan 2023 12:05:00 GMT
last-modified: Thu, 01 Jul 2021 22:57:29 GMT
etag: "52f00453972e2437f8aa07af07439a57"
age: 7291
accept-ranges: bytes
content-md5: UvAEU5cuJDf4qgevB0OaVw==
x-bce-content-crc32: 0
x-bce-debug-id: KSD6F1LRzv9hQ/sQRiR8vHYTjonvI76zyVrG9b6LMod8QDAv2s28L3ptnVOhGtBbIp7gUFKkEr0sW6oFQ2erGw==
x-bce-request-id: 74c277a4-3f84-4273-a5db-cd7483a9d695
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 12:05:00 GMT
ohc-cache-hit: wh4ct55 [2], czix95 [2]
ohc-file-size: 29737
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20210629/2015468205_14.jpg
119.96.52.35200 OK 9.5 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/2015468205_14.jpg
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 300x214, components 3\012- data
Hash 31a6bd0601a5ab2c14fc94d8790262fa
1da0226a640dcfc3c0f1a92ab99d2d786fc11e0c
bf6973639dcdd51943c2d9786598d6beb2ba54e26687001b263898b7cb6dbb52
GET /20210629/2015468205_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/jpeg
content-length: 9535
expires: Thu, 12 Jan 2023 11:52:47 GMT
last-modified: Fri, 02 Jul 2021 08:22:15 GMT
etag: "31a6bd0601a5ab2c14fc94d8790262fa"
age: 209054
accept-ranges: bytes
content-md5: Maa9BgGlqywU/JTYeQJi+g==
x-bce-content-crc32: 0
x-bce-debug-id: pWWSwgaCJcl8P9FQufLPH7Wdcjy4ShHPSpM42DaxwgqXSVKGBSPzAg677yKp7trAa50LP7lliLNiDNuDdMQQ8Q==
x-bce-request-id: 9ec150bc-354a-41a0-a723-298809c7e400
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 11:52:47 GMT
ohc-cache-hit: wh4ct68 [4], czix95 [2]
ohc-file-size: 9535
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20220601/3086818421_14_600_429.jpg
119.96.52.35200 OK 21 kB URL HTTP/2 lupic.cdn.bcebos.com/20220601/3086818421_14_600_429.jpg
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x429, components 3\012- data
Hash 076becc0d6d00495870a50d2a61dd1d9
3d5996257f7680e018271767b35d2eaae9cbcab9
0b05cab17520ecf2dbadb851a944fbb5396168d918cb20e5bcd07db7670f5704
GET /20220601/3086818421_14_600_429.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/jpeg
content-length: 21105
expires: Thu, 12 Jan 2023 12:51:48 GMT
last-modified: Thu, 02 Jun 2022 03:36:53 GMT
etag: "076becc0d6d00495870a50d2a61dd1d9"
age: 200814
accept-ranges: bytes
content-md5: B2vswNbQBJWHClDSph3R2Q==
x-bce-content-crc32: 1922509067
x-bce-debug-id: IJULy8hA2XxEywJ59M4DFo/hPRE+451G5DyoiPKGSsaBhLmk3h0R6eTs16knp7nlmcVrB/iIBEF744pKJm0IHQ==
x-bce-request-id: 207af164-9d0d-49c6-8d74-73a3cc54eaaf
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 12:51:48 GMT
ohc-cache-hit: wh4ct55 [4], xiangyix141 [4]
ohc-file-size: 21105
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/157799.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/157799.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/157799.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3191671757,637145362&fm=253&fmt=auto&app=138&f=JPEG?w=138&h=196
12803.url.tudown.com/uploads/images/380507.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/380507.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/380507.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3502560142,3200520054&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=3502560142,3200520054&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 23 kB URL HTTP/1.1 t14.baidu.com/it/u=3502560142,3200520054&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 64100e757f0967cd4a73630b3b222e40
07c69fbfccd52d2920a478a950c8d6737fb50ed5
c34af0194e330f5e96b0a606c6fa36f645e578a155812209c1ec1e86b19ad311
GET /it/u=3502560142,3200520054&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpeg
Content-Length: 23110
Connection: keep-alive
Expires: Sat, 21 Jan 2023 00:59:35 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: 64100e757f0967cd4a73630b3b222e40
Age: 1107016
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 22 Dec 2022 00:59:35 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache59 [4], suzix78 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 23110
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=4105755212,132343308&fm=253&app=120&f=JPEG?w=1280&h=800
14.29.98.35200 OK 108 kB URL HTTP/1.1 img1.baidu.com/it/u=4105755212,132343308&fm=253&app=120&f=JPEG?w=1280&h=800
IP 14.29.98.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 108 kB (108109 bytes)
Hash 7481042715e9296bfdd6be466d4fba1f
c58e6c7ab72c3eded627ff3f0c4f67ada7fae805
a48f4d11f26a12092b9ab83600b688593f129e48cf6b111301174156ed2a537f
GET /it/u=4105755212,132343308&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpeg
Content-Length: 108109
Connection: keep-alive
Expires: Wed, 18 Jan 2023 12:10:41 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 7481042715e9296bfdd6be466d4fba1f
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 19 Dec 2022 12:10:41 GMT
Ohc-Cache-HIT: gz3ct58 [1], xiangyix97 [2]
Ohc-File-Size: 108109
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/891876.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/891876.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/891876.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2417688547,1972936716&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=2414747560,2836433434&fm=253&app=120&f=JPEG?w=1280&h=800
36.99.50.35200 OK 67 kB URL HTTP/1.1 img2.baidu.com/it/u=2414747560,2836433434&fm=253&app=120&f=JPEG?w=1280&h=800
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 9862144e4d56fa35110b6bc6f76eb517
21467c7008bea2e94dc9fbc04d1b60a27a21f73a
a053644657eb6ec89317c95b5ec747afe8d71c07e03bdb5b1c0f8064af2253c8
GET /it/u=2414747560,2836433434&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:49 GMT
Content-Type: image/jpeg
Content-Length: 67083
Connection: keep-alive
Expires: Sat, 21 Jan 2023 04:08:52 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 9862144e4d56fa35110b6bc6f76eb517
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 22 Dec 2022 04:08:52 GMT
Ohc-Cache-HIT: zz6ct69 [1], xiangyix98 [2]
Ohc-File-Size: 67083
X-Cache-Status: MISS
img2.baidu.com/it/u=1794163771,3715706199&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1083
36.99.3.35200 OK 55 kB URL HTTP/2 img2.baidu.com/it/u=1794163771,3715706199&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1083
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1083, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f2f3af1378b4a9f9c444cb2126fe543d
7b120ccb285ab5a9a3052c19a9e846ae411a4b21
8b40c349ac59592a77c7fdfb1b0dcef906c4fc05e814981ae7d71878b2055801
GET /it/u=1794163771,3715706199&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1083 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/webp
content-length: 55296
expires: Sat, 21 Jan 2023 06:29:03 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: f2f3af1378b4a9f9c444cb2126fe543d
age: 76298
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 06:29:03 GMT
ohc-cache-hit: ly4ct96 [4], suzix96 [4]
ohc-file-size: 55296
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2462367059,1698195956&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
14.29.98.35200 OK 2.1 kB URL HTTP/2 img1.baidu.com/it/u=2462367059,1698195956&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aca8b6f7b86e3983e6bd75092fabef7c
4f6fda3c264b22a4c8ac7b9fa58ce3b07e815b24
5cf407985d033a08dab78af10c823fe97f6a64d3bd501320ce5e97fa794ec3ef
GET /it/u=2462367059,1698195956&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:50 GMT
content-type: image/webp
content-length: 2122
expires: Mon, 23 Jan 2023 07:00:11 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: aca8b6f7b86e3983e6bd75092fabef7c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 07:00:11 GMT
ohc-cache-hit: gz3ct54 [1], xaix170 [2]
ohc-file-size: 2122
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3440715138,9148372&fm=253&fmt=auto&app=138&f=JPEG?w=563&h=500
14.29.98.35200 OK 11 kB URL HTTP/1.1 img1.baidu.com/it/u=3440715138,9148372&fm=253&fmt=auto&app=138&f=JPEG?w=563&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 563x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 23709adff8baf87d96d99c102533028b
1d5a8aae6e387f12c1551bc73a49f9c531fd96b2
114747fc6415ff2f03b807d80c33b9321ddf710a7ef8541429635b8eaf4001dc
GET /it/u=3440715138,9148372&fm=253&fmt=auto&app=138&f=JPEG?w=563&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/webp
Content-Length: 11292
Connection: keep-alive
Expires: Wed, 25 Jan 2023 02:28:29 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 23709adff8baf87d96d99c102533028b
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 26 Dec 2022 02:28:29 GMT
Ohc-Cache-HIT: gz3ct51 [1], xiangyix230 [2]
Ohc-File-Size: 11292
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/719607.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/719607.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/719607.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4184062791,2720136017&fm=253&fmt=auto&app=138&f=GIF?w=334&h=500
12803.url.tudown.com/uploads/images/127058.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/127058.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/127058.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2874450716,59716112&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
12803.url.tudown.com/uploads/images/415379.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/415379.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/415379.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3249553370,1997602126&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
lupic.cdn.bcebos.com/20200412/3073940729_14_800_572.jpg
119.96.52.35200 OK 43 kB URL HTTP/2 lupic.cdn.bcebos.com/20200412/3073940729_14_800_572.jpg
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x572, components 3\012- data
Hash a8d753752b9eb11b42cf136b1e29b78e
89d33691f982f9ba66fc8c2ed98ccf2679c2682d
4a07946857dc4f3905d32a9fe5278a5a4ed518d827a04a82e484816374fce544
GET /20200412/3073940729_14_800_572.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/jpeg
content-length: 42968
expires: Sat, 14 Jan 2023 02:26:11 GMT
last-modified: Tue, 14 Apr 2020 16:38:24 GMT
etag: "a8d753752b9eb11b42cf136b1e29b78e"
accept-ranges: bytes
content-md5: qNdTdSuesRtCzxNrHim3jg==
x-bce-content-crc32: 2849273704
x-bce-debug-id: T+y0++4zQgvxrXkAZL9AKnADIlMpprko8scVPQ+jXka/77fy3hehK/kwa8EAVJDkJbCQX+MADWo1a+BWBOoZTg==
x-bce-request-id: 02405aae-ebe6-4d39-b4d3-1f2a3a0e163f
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 02:26:11 GMT
ohc-cache-hit: wh4ct52 [2], qdix190 [4]
ohc-file-size: 42968
x-cache-status: MISS
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20221130/3089189240_14_717_512.jpg
119.96.52.35200 OK 54 kB URL HTTP/2 lupic.cdn.bcebos.com/20221130/3089189240_14_717_512.jpg
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 717x512, components 3\012- data
Hash 3e59b4e88989ebbba3798169fff561a2
02d4d5f062cff3b94e41dcca99b0185a0766e641
9d3ff64169e2963a6df415bd4703aeeb2852774390933ddf294a6e4e1200d337
GET /20221130/3089189240_14_717_512.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/jpeg
content-length: 53629
expires: Fri, 13 Jan 2023 08:57:59 GMT
last-modified: Sat, 03 Dec 2022 00:43:55 GMT
etag: "3e59b4e88989ebbba3798169fff561a2"
age: 103654
accept-ranges: bytes
content-md5: Plm06ImJ67ujeYFp//Vhog==
x-bce-content-crc32: 3096177615
x-bce-debug-id: M9iq083b0/yPpRl//Mh0SDfDrLYb9c5N4N+Nu8oLZCigVfW5ZaZEbpybeCbiYa3unc9xYCL02A8MaYrQeo9A9A==
x-bce-request-id: 106729c9-d831-4244-bfc5-dc4fb0552261
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 08:57:59 GMT
ohc-cache-hit: wh4ct64 [2], wzix64 [2]
ohc-file-size: 53629
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20210629/9074743_14.jpg
119.96.52.35200 OK 22 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/9074743_14.jpg
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash 76cc5fbb5d7a6c2ff236f051f9bd84c3
f373ec10abcd8b3109f16ace1817a37e293fc81e
b0652d196fbf3c6963ce10e34d7eb746b499800b897b583be13a94d60a6ff62f
GET /20210629/9074743_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/jpeg
content-length: 22199
expires: Thu, 12 Jan 2023 09:05:41 GMT
last-modified: Fri, 02 Jul 2021 14:44:06 GMT
etag: "76cc5fbb5d7a6c2ff236f051f9bd84c3"
age: 29103
accept-ranges: bytes
content-md5: dsxfu116bC/yNvBR+b2Eww==
x-bce-content-crc32: 0
x-bce-debug-id: 7+wJm9n0SvGjpeX3CxGhsBNVxW3w70WB8M1H4ezggZWHA71HSzYuonwhgp5emtgObunzCa6LN+FgleF6wL9IzQ==
x-bce-request-id: 7e2fd763-cf97-4bf4-a568-b25dfe41bd58
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 09:05:41 GMT
ohc-cache-hit: wh4ct68 [2], czix208 [2]
ohc-file-size: 22199
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3191671757,637145362&fm=253&fmt=auto&app=138&f=JPEG?w=138&h=196
36.99.3.35200 OK 3.7 kB URL HTTP/2 img2.baidu.com/it/u=3191671757,637145362&fm=253&fmt=auto&app=138&f=JPEG?w=138&h=196
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 138x196, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4705d959457f24b961e4574c59ff0036
56ed22beb312bc3cc29f1c8708a10c17944c472e
0bd08e9d06cc7043563f0d4e625ca4dfd6331f3edc4affb54e8fee7242515edf
GET /it/u=3191671757,637145362&fm=253&fmt=auto&app=138&f=JPEG?w=138&h=196 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:50 GMT
content-type: image/webp
content-length: 3744
expires: Sun, 15 Jan 2023 12:23:19 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 4705d959457f24b961e4574c59ff0036
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 16 Dec 2022 12:23:19 GMT
ohc-cache-hit: ly4ct84 [1], xiangyix125 [2]
ohc-file-size: 3744
x-cache-status: MISS
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20200412/3072744241_14_800_572.jpg
119.96.52.35200 OK 20 kB URL HTTP/2 lupic.cdn.bcebos.com/20200412/3072744241_14_800_572.jpg
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x572, components 3\012- data
Hash d1a13b98f20a5fbc1d01dfa01740ae14
0aeff8a7653b5fc2546885d5339eec1b5f8cab7f
05f4494ff061ed17fa29baedfd3e7e112ebf4fe8bbd2633fb9c6303019f74f34
GET /20200412/3072744241_14_800_572.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/jpeg
content-length: 20012
expires: Thu, 12 Jan 2023 12:35:33 GMT
last-modified: Sat, 11 Apr 2020 17:51:28 GMT
etag: "d1a13b98f20a5fbc1d01dfa01740ae14"
age: 207519
accept-ranges: bytes
content-md5: 0aE7mPIKX7wdAd+gF0CuFA==
x-bce-content-crc32: 490285251
x-bce-debug-id: zRZI5HBodMwQHtN/I4x1suEaft2YL4TLLFsEytSEI7OOXp7isNZwkNgIeAYofJfs35ytCP/3w64FYiyS0mj4RQ==
x-bce-request-id: e0e1d0b0-c3c1-415c-a548-703a7e3d7b3e
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 12:35:33 GMT
ohc-cache-hit: wh4ct53 [2], xiangyix197 [2]
ohc-file-size: 20012
x-cache-status: HIT
X-Firefox-Spdy: h2
bdcode.2345.com/js/logo/js/logo.js
42.81.8.130200 OK 46 kB URL HTTP/2 bdcode.2345.com/js/logo/js/logo.js
IP 42.81.8.130:0
Hash 4440a1e3115d9cf60b208f1582d14c48
80c8e80c0d61fe57e7cf0d848e13c720b919ee2d
135e6aebbea802ee98b1a2762b049dbe1ab0f6be4206cb5505bdfe06c36670e7
Analyzer Verdict Alert fortinet Malware
GET /js/logo/js/logo.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: application/x-javascript
date: Wed, 11 Jan 2023 22:15:48 GMT
etag: W/"62ecd733-371a"
expires: Wed, 11 Jan 2023 23:15:48 GMT
last-modified: Fri, 05 Aug 2022 08:39:15 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c0ce6bca962437dd-143
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20200412/3053678917_14_559_400.jpg
119.96.52.35200 OK 19 kB URL HTTP/2 lupic.cdn.bcebos.com/20200412/3053678917_14_559_400.jpg
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 559x400, components 3\012- data
Hash 84d48f9fcbb97d1fcc174d539a57cd32
8b153ace4cc3d1613d62c194f2b6604ebb40ae5b
220cbe30eb1c0f38424430d7aa8e11530ad4c4018807eaeaaf8a455a00e3e7d5
GET /20200412/3053678917_14_559_400.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:49 GMT
content-type: image/jpeg
content-length: 19195
expires: Thu, 12 Jan 2023 10:24:01 GMT
last-modified: Sun, 12 Apr 2020 08:39:59 GMT
etag: "84d48f9fcbb97d1fcc174d539a57cd32"
age: 36971
accept-ranges: bytes
content-md5: hNSPn8u5fR/MF01TmlfNMg==
x-bce-content-crc32: 3251582587
x-bce-debug-id: 7PwtGxWFnbC5T/cSB5SbpUakFVqILYMfX27lotxlIG4GxpgTL3QopZkZqxG8Qn8Uc1VvUUU3XpqolhXTXN6bQQ==
x-bce-request-id: fd9b0e3a-d0f7-411b-91e9-b91e88eaf2a2
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 10:24:01 GMT
ohc-cache-hit: wh4ct50 [4], qdix152 [2]
ohc-file-size: 19195
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/161541.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/161541.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/161541.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1529239316,448868512&fm=253&fmt=auto?w=306&h=273
12803.url.tudown.com/uploads/images/483479.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/483479.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/483479.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1618250629,2625909570&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313
t13.baidu.com/it/u=2417688547,1972936716&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 76 kB URL HTTP/1.1 t13.baidu.com/it/u=2417688547,1972936716&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 3d203fedc41dfb1218e27e0669bc9a38
5d9353856de0e35cbd3b4f00aaf903fb423e0ad3
8868b22739aa8848b8534fc17f2e3da45ba552aefb77ee9adea5a32cb10bc293
GET /it/u=2417688547,1972936716&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpeg
Content-Length: 75587
Connection: keep-alive
Expires: Thu, 26 Jan 2023 20:32:10 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 3d203fedc41dfb1218e27e0669bc9a38
Age: 4066
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 27 Dec 2022 20:32:10 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache55 [1], wzix110 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 75587
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/602497.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/602497.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/602497.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=872011132,3700339535&fm=253&fmt=auto&app=138&f=JPEG?w=919&h=500
12803.url.tudown.com/uploads/images/322887.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/322887.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/322887.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3014365090,2265636317&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=565
img1.baidu.com/it/u=4184062791,2720136017&fm=253&fmt=auto&app=138&f=GIF?w=334&h=500
14.29.98.35200 OK 23 kB URL HTTP/2 img1.baidu.com/it/u=4184062791,2720136017&fm=253&fmt=auto&app=138&f=GIF?w=334&h=500
IP 14.29.98.35:0
File type GIF image data, version 89a, 334 x 500\012- data
Hash bedbea521a17c7ca6574634289ae5baf
950d3c6d237ce4a4bb9dfdd64c15079c544e4430
17f7e8d5afc11c7638e2eead8f040fc341d8c09425cf59945a183713748e2179
GET /it/u=4184062791,2720136017&fm=253&fmt=auto&app=138&f=GIF?w=334&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:50 GMT
content-type: image/gif
content-length: 22592
expires: Sun, 29 Jan 2023 10:59:08 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: bedbea521a17c7ca6574634289ae5baf
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 30 Dec 2022 10:59:08 GMT
ohc-cache-hit: gz3ct55 [1], xiangyix67 [2]
ohc-file-size: 22592
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/202513.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/202513.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/202513.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=709184242,3003994559&fm=253&app=120&f=JPEG?w=1422&h=800
12803.url.tudown.com/uploads/images/253171.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/253171.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/253171.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4004771335,2000716621&fm=253&fmt=auto?w=640&h=346
img0.baidu.com/it/u=3249553370,1997602126&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
36.99.3.35200 OK 83 kB URL HTTP/2 img0.baidu.com/it/u=3249553370,1997602126&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5ef377308eaa372ed2976677c4945ccc
9ae0b6ffc6787f1d2904f51324a9541244da3305
c8fe0dda5bf4d675e478c690433a4793ef22ecbe85991187daeb40fd1c68b85f
GET /it/u=3249553370,1997602126&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:50 GMT
content-type: image/webp
content-length: 82824
expires: Tue, 24 Jan 2023 08:50:20 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 5ef377308eaa372ed2976677c4945ccc
age: 98065
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 08:50:20 GMT
ohc-cache-hit: ly4ct83 [4], xiangyix183 [2]
ohc-file-size: 82824
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1618250629,2625909570&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313
14.29.98.35200 OK 26 kB URL HTTP/2 img1.baidu.com/it/u=1618250629,2625909570&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x313, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7b10a0f934ed3e7056286480bc6b1acf
09efa472e25f8e4aa18f9a0e62e144c23205566a
37ac07c055719426df66028f812b65775b312ed3aab902e85eeab5e854a7ffbd
GET /it/u=1618250629,2625909570&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:50 GMT
content-type: image/webp
content-length: 25524
expires: Mon, 06 Feb 2023 04:52:59 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 7b10a0f934ed3e7056286480bc6b1acf
age: 318752
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 04:52:59 GMT
ohc-cache-hit: gz3ct55 [4], suzix160 [2]
ohc-file-size: 25524
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2874450716,59716112&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
36.99.3.35200 OK 36 kB URL HTTP/2 img2.baidu.com/it/u=2874450716,59716112&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x888, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 08dc9de2a31290b8c3262ca594a65b8b
8f033aaf218c98dc7018928fc68f131d3fbae35a
5714a642b31bd7ec7be236f23cad940584b0b67c2e0d9f8730759a2644862018
GET /it/u=2874450716,59716112&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:50 GMT
content-type: image/webp
content-length: 36244
expires: Wed, 25 Jan 2023 15:38:30 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 08dc9de2a31290b8c3262ca594a65b8b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 26 Dec 2022 15:38:30 GMT
ohc-cache-hit: ly4ct52 [1], czix228 [4]
ohc-file-size: 36244
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1529239316,448868512&fm=253&fmt=auto?w=306&h=273
36.99.3.35200 OK 14 kB URL HTTP/2 img2.baidu.com/it/u=1529239316,448868512&fm=253&fmt=auto?w=306&h=273
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 306x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4adcd1f31ac5d4a19e7344f48d8247ed
08981e228bf164a70f6049ff0ccbcf9097c9b68c
010a224d62df6e711e05b4b733c87402193ab829b0c59c834b5fdd9c093b2aa0
GET /it/u=1529239316,448868512&fm=253&fmt=auto?w=306&h=273 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:50 GMT
content-type: image/webp
content-length: 14128
expires: Mon, 23 Jan 2023 01:20:08 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 4adcd1f31ac5d4a19e7344f48d8247ed
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 01:20:08 GMT
ohc-cache-hit: ly4ct85 [1], qdix175 [2]
ohc-file-size: 14128
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/723072.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/723072.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/723072.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1506582459,455193344&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=440
img2.baidu.com/it/u=3162919453,102928450&fm=253&app=120&f=JPEG?w=1422&h=800
36.99.50.35200 OK 121 kB URL HTTP/1.1 img2.baidu.com/it/u=3162919453,102928450&fm=253&app=120&f=JPEG?w=1422&h=800
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 121 kB (121034 bytes)
Hash dc4ff3a2f97c9d369b66b55539c6e540
32919d5d3012f5dc164c916dff8a9bf9c4e3c8cf
3d2a3090a92e170763a0bf1552e9b4ddbff734a6c54b2eb0121ec1fd427d42cf
GET /it/u=3162919453,102928450&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpeg
Content-Length: 121034
Connection: keep-alive
Expires: Tue, 31 Jan 2023 07:19:16 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: dc4ff3a2f97c9d369b66b55539c6e540
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 01 Jan 2023 07:19:16 GMT
Ohc-Cache-HIT: zz6ct62 [1], wzix62 [2]
Ohc-File-Size: 121034
X-Cache-Status: MISS
img0.baidu.com/it/u=872011132,3700339535&fm=253&fmt=auto&app=138&f=JPEG?w=919&h=500
36.99.3.35200 OK 35 kB URL HTTP/2 img0.baidu.com/it/u=872011132,3700339535&fm=253&fmt=auto&app=138&f=JPEG?w=919&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 919x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 03decb7d802d9e4dbdf784304cc8125a
7d2ed4ea0bf5d910e086f659f1e7c3d9d4cf3530
c3186348270fdb5b67f4bae9e88c5961e7d9b741e8c292b018a2b93b330054f3
GET /it/u=872011132,3700339535&fm=253&fmt=auto&app=138&f=JPEG?w=919&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:50 GMT
content-type: image/webp
content-length: 35344
expires: Sun, 22 Jan 2023 01:57:15 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 03decb7d802d9e4dbdf784304cc8125a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 01:57:15 GMT
ohc-cache-hit: ly4ct66 [1], czix66 [2]
ohc-file-size: 35344
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3014365090,2265636317&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=565
36.99.3.35200 OK 20 kB URL HTTP/2 img2.baidu.com/it/u=3014365090,2265636317&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=565
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x565, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 706cbd9d3e2fca349ff83277c6690f97
0c4b5e943a8868d4eff357d23cecd55c028919bb
0c3f82f1c9afc9f567541ba7e57c7276ca159577ca65f5851ab133efb013ce9e
GET /it/u=3014365090,2265636317&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=565 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:50 GMT
content-type: image/webp
content-length: 19788
expires: Sat, 21 Jan 2023 13:53:35 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 706cbd9d3e2fca349ff83277c6690f97
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 13:53:35 GMT
ohc-cache-hit: ly4ct83 [1], suzix109 [2]
ohc-file-size: 19788
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=709184242,3003994559&fm=253&app=120&f=JPEG?w=1422&h=800
14.29.98.35200 OK 177 kB URL HTTP/1.1 img1.baidu.com/it/u=709184242,3003994559&fm=253&app=120&f=JPEG?w=1422&h=800
IP 14.29.98.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 177 kB (177060 bytes)
Hash 61742f785a590d1506782afb30a2e522
19d64cae65b73fc191540af5e440d0ac9dfad8ec
d3df1fafef484912c83dedf3d3e4add00fb592e68145a579d952f2482dcf734a
GET /it/u=709184242,3003994559&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:15:50 GMT
Content-Type: image/jpeg
Content-Length: 177060
Connection: keep-alive
Expires: Thu, 12 Jan 2023 01:42:56 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 61742f785a590d1506782afb30a2e522
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 13 Dec 2022 01:42:56 GMT
Ohc-Cache-HIT: gz3ct51 [2], bdix168 [4]
Ohc-File-Size: 177060
X-Cache-Status: MISS
img0.baidu.com/it/u=4004771335,2000716621&fm=253&fmt=auto?w=640&h=346
36.99.3.35200 OK 23 kB URL HTTP/2 img0.baidu.com/it/u=4004771335,2000716621&fm=253&fmt=auto?w=640&h=346
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x346, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c2176fe0efffe3ef69169d120b4c16f8
4d2cdf3ceb0549135397e3f425c34f3361e1b618
7c97d98ecd7da8e3e218bbbd08a1cefed5f76e8401d9941d419197c4eddbddf0
GET /it/u=4004771335,2000716621&fm=253&fmt=auto?w=640&h=346 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:50 GMT
content-type: image/webp
content-length: 23242
expires: Thu, 09 Feb 2023 00:50:31 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: c2176fe0efffe3ef69169d120b4c16f8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 00:50:31 GMT
ohc-cache-hit: ly4ct93 [1], bdix238 [2]
ohc-file-size: 23242
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1506582459,455193344&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=440
14.29.98.35200 OK 20 kB URL HTTP/2 img1.baidu.com/it/u=1506582459,455193344&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=440
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x440, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eeb5aac645a99df1b85770add447f62c
097caebde3e883eecb14545e401a4898e464e8d0
8e5e5308ecd7703f535d1bee8c961d824a33ebfc74206ec252bfa6c413f25fb5
GET /it/u=1506582459,455193344&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=440 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:15:50 GMT
content-type: image/webp
content-length: 20256
expires: Thu, 09 Feb 2023 00:55:39 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: eeb5aac645a99df1b85770add447f62c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 00:55:39 GMT
ohc-cache-hit: gz3ct58 [2], csix85 [4]
ohc-file-size: 20256
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/favicon.ico
154.218.151.71200 OK 0 B URL HTTP/1.1 12803.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/catia%20v5r24%E7%A0%B4%E8%A7%A3%E7%89%88%20%E4%B8%AD%E6%96%87%E7%89%88@169_55824.exe
Cookie: __bid_n=185a2d77ec85b50bb54207; FPTOKEN=Q0GOVwdqaGSv9DU9lJ2KaWpSFV1YbqdUWSTCQU8iLuKbEp8JdIy/8hetQEAg9NoQvdfPYNMUcMFf0LikFPx5b1QJJQj4hjKV7HlVBntHDoax2BlPMsuwG9fC0t3wWcbo92sZK2LRn8DnxLHXXUCiIzIghDdDxaO2ol56GPXJ21gX+wlroTgG03DuWh4Ui2HddTYnf4naQWKZk5P3ek9oTqxVXX3T0S5tGpnKpLmjug6A5i605NqXVgV/2QiafO4B6wG3oNNNbdmxClZY64wG5ejtmXULdJx1BB44tFvEJMmh4gJJZgNhO2tSDeNnV0qFx8RqmAm0UdxNSRfIQ3F/dvUKOSfDb63xFNrVd1x3Q4U0u2XOdKbA3diPW1j+4Wycjcl6sbJjBDfvpVLcJYeBxQ==|bznlW+/8k0Vd34Vvlh0exKSgh3HlGn8OCMs18S29Jt8=|10|3af666ebea0bf1cd7af4410bfa8f4151; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673475333; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1673475333
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:15:51 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=u4965894_0&ver=1221&rdm=1673475336769
110.242.68.137200 OK 43 B URL HTTP/1.1 eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=u4965894_0&ver=1221&rdm=1673475336769
IP 110.242.68.137:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /se.jpg?type=baiduDomShowMonitor&tuidIndex=u4965894_0&ver=1221&rdm=1673475336769 HTTP/1.1
Host: eclick.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 11 Jan 2023 22:15:51 GMT
Expires: Wed, 11 Jan 2023 22:15:51 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=u5039524_0&ver=1221&rdm=1673475336769
110.242.68.137200 OK 43 B URL HTTP/1.1 eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=u5039524_0&ver=1221&rdm=1673475336769
IP 110.242.68.137:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /se.jpg?type=baiduDomShowMonitor&tuidIndex=u5039524_0&ver=1221&rdm=1673475336769 HTTP/1.1
Host: eclick.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 11 Jan 2023 22:15:51 GMT
Expires: Wed, 11 Jan 2023 22:15:51 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.207200 OK 0 B URL HTTP/2 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.207:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
strict-transport-security: max-age=5184000
date: Wed, 11 Jan 2023 22:10:04 GMT
last-modified: Wed, 06 Nov 2019 08:19:39 GMT
etag: W/"5dc2821b-4c53"
vary: Accept-Encoding, Accept-Encoding
expires: Tue, 22 Nov 2022 14:45:06 GMT
cache-control: max-age=600
ali-swift-global-savetime: 1673475004
via: cache1.l2de2[0,0,304-0,H], cache3.l2de2[1,0], cache8.se1[0,0,200-0,H], cache7.se1[4,0]
age: 340
x-cache: HIT TCP_MEM_HIT dirn:1:87099439
x-swift-savetime: Wed, 11 Jan 2023 22:10:51 GMT
x-swift-cachetime: 553
content-encoding: br
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
timing-allow-origin: *
eagleid: 2ff62c9b16734753448488549e
X-Firefox-Spdy: h2